GHDB
GHDB
|
Google Search: intitle:guestbook “advanced guestbook 2.2 powered”
ThrowedOff rates this entry 6 out of 10. Submitted: 2004-05-12 00:00:00 Added by: ThrowedOff Hits: 10749 Score: 6 Advanced Guestbook v2.2 has an SQL injection problem which allows unauthorized access. AttackerFrom there, hit “Admin” then do the following:Leave username field blank.For password, enter this exactly:’) OR (‘a’ = ‘aYou are now in the Guestbook’s Admin section.http://www.securityfocus.com/bid/10209 Comments: 2004-05-27 18:29:44 (Anonymous): I’m quite amazed that such a simple sql injection still works on so many sites nowadays. It will work with just about /every/ result that google pulls up 2004-05-30 09:53:12 (Fr0zen): This works perfectly, but i see i was not the first who has already tried it :) 2004-12-25 10:51:00 (vinny): Yeah, Sorry but i’m a noob and it’s maby stupid but it’s not working by me. What do i wrong ? I search i google ? then exampl: http://benjaminroldan.com/forum/admin.php then i leave the username emty en for the password i fill: ‘) OR (‘a’ = ‘a (between the // in). and i get an error Access Denied ? Or SQl Error ? Wat i doing wrong ? Ps: Srry for my bad english 2005-08-18 20:43:18 (JTR000): that one site was secured against it. try others. |
Does GHDB still updates for now?
The GHDB is alive and well, updated through the ExploitDB: http://www.exploit-db.com/google-dorks.
Hi Johnny,been a while since I’ve came last. Aren’t you gonna update this website anymore???
The GHDB is not updated and lives with the exploitdb: http://http://www.exploit-db.com. Please check out the awesome folks at Offensive Security as well: http://www.offensive-security.com!
Is any offline view-able resources is available of this product ?