( ~~~ )
  ))^ ^((
 ((* - *))
   _) (_
 / '--' \     ^
//(_  _)\\   /_\
\\ )__( //   .'
 (( v  ))   (
   \| /\     '-.
    K(  \       )
    |\\  '-._.-'
    ||\\
  *_-P/,P
     '-
Want your PHP application manually audited? Check out Xxor AB's PHP Security Auditing Service

Saturday, July 9, 2011

phpMyAdmin 3.x Swekey RCI Exploit

Someone else submitted a working python exploit to exploit-db. It's already out there so I might as well publish my original exploit written in PHP.
2011-07-20 - Fixed some bugs in the exploit.

Download here

26 comments:

  1. hey nyc bro i want to learn how to find vulnerabilities in phpmyadmin i know sql injection but tht has nothing to do with this thing can u please guide me wht things to check in phpmyadmin to see if it has a hole or not

    ReplyDelete
  2. Hello I downloaded this exploit but i cant find the place where i should writ url can anybody help me

    ReplyDelete
  3. @Grish
    Uhm, what have you tried so far?

    ReplyDelete
  4. I tried to use thie exploit but dont now wehre i will write the Victims address can you help me
    I put php file into local server (denwer) then opend it in browser but i recive the folowing
    [!] Fatal error. Need cURL! [*] Exiting...
    (Sorry for mistakes English isn't my native language;)

    ReplyDelete
  5. @Grish
    Your server does not have cURL.

    ReplyDelete
  6. PHP Notice: Undefined offset: 1 in C:\xampp\php\tttt.php on line 92



    // Extract cookie
    preg_match('/phpMyAdmin=([^;]+)/', $result, $matches);
    $cookie = $matches[1];
    output("[i] Cookie:".$cookie);
    // Extract token
    preg_match('/(token=|token" value=")([0-9a-f]{32})/', $result, $matches);
    $token = $matches[2];
    output("[i] Token:".$token);

    ReplyDelete
  7. http://HOST/setup/index.php always is bloqued by a login (htaccess style)?

    ReplyDelete
  8. Hello I downloaded this exploit but i cant find the place where i should writ url can anybody help meRabattkoder Cdon

    ReplyDelete
  9. Are you also searching for spanish nursing writing services we are the best solution for you. We are best known for delivering the best services to students.  

    ReplyDelete
  10. I like the helpful information you provide in your articles. I’ll bookmark your blog and check again here regularly. write my essay

    ReplyDelete
  11. Excellent content ,Thanks for sharing this .,
    Leanpitch provides online training in CSPO, everyone can use it wisely.

    CSPO certification
    CSPO TRAINING

    ReplyDelete
  12. bons casino - Get up to 100% bonus up to $100
    bons casino bk8 ➤ Play ボンズ カジノ at Borgata online casino and play クイーンカジノ casino games ➤ Join today! ☝ SIGN IN!

    ReplyDelete
  13. Another person presented a functioning python exploit to take advantage of db. Buy Custom Essay Online It's as of now out there so should distribute unique endeavor written in PHP.

    ReplyDelete
  14. I love reading through and I believe this website got some genuinely 토토

    ReplyDelete
  15. This is a really very informative article, there is no doubt about it. Thanks for sharing this article with us. This is very nice of you. 온라인경마

    ReplyDelete
  16. Very helpful information specifically the final phase. I handle such info a lot. I used to be seeking this certain info for a long time. 토토사이트

    ReplyDelete
  17. This post is a valuable resource for industry professionals as the information provided is highly relevant and current. investing in a gold IRA

    ReplyDelete
  18. Nice to read php based articles. Thanks for sharing this beautiful informative article. Keep sharing more blogs. DUI Lawyer Suffolk VA

    ReplyDelete
  19. PayPal alternatives security is a crucial aspect to consider when choosing a payment gateway for your business. While PayPal has robust security measures in place, other payment gateways have their own unique security features.

    ReplyDelete
  20. This is very valuable post. This is very useful for me. I learned a lot of from this article. Thanks for sharing this article with us. Now its time to avail Sign and Blind Services in Eastbourne for more information.

    ReplyDelete
  21. PrivateEyesPI.com offers certified ethical hackers for tailored cybersecurity solutions. Benefit from enhanced security, peace of mind, and transparent services. Trust us to protect your digital world with legal and ethical practices. Your online security is our priority.

    ReplyDelete