This exploit targets a SQL injection vulnerability in Discuz! 1.0 by injecting a UNION-based SQL query to extract user password hashes. It sends a crafted HTTP request to the vulnerable endpoint and parses the response for a 32-character hash.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Discuz! 1.0
No auth needed
Prerequisites:Target running Discuz! 1.0 · Network access to the target