Cyber Security Forum (X-code) - PT. Teknologi Server Indonesia

Posted: **Sun May 30, 2010 10:06 pm**

Komponen yang terdapat bug sql injection = read.php
DORK: inurl:"read.php?id="

POC

http://campus.sanook.com/inlove/read.php?id=132'
http://www.inspireyourworld.com/issue6/read.php?id=23'
http://www.wellerpools.com/news-read.php?id=16'

Posted: **Sun May 30, 2010 10:46 pm**

http://www.wellerpools.com/news-read.php?id=16'

Dapat deh login Admin + Pass :devil
Admin = chr1sty
Password : ************ cencored

Posted: **Sun May 30, 2010 10:51 pm**

waw... razia neh ceritanya ya mas pon... hehehehe... :ngakak: :ngakak: :ngakak:
but keren juga tuh CMS... :licik: :licik:

Posted: **Sun May 30, 2010 10:58 pm**

ada gr33tz untuk anda.. check it out

Code: Select all

http://www.wellerpools.com/testimonials.php

Btw. semua komponen bisa dimodifikasi. bahkan bisa upload shell.. tapi gue hanya sebatas edit testimonial.php saja.

Posted: **Sun May 30, 2010 11:13 pm**

shad.hckr wrote:waw... razia neh ceritanya ya mas pon... hehehehe... :ngakak: :ngakak: :ngakak:
but keren juga tuh CMS... :licik: :licik:

iya.. lagi ga ada kerjaan, masih banyak web yang vuln dengan konten tersebut. cek aja dorknya

Posted: **Sun May 30, 2010 11:29 pm**

wah,abang poni mantep dah... :devil tapi sayangnya passwordnya di sensor??? :putusasa:

Posted: **Sun May 30, 2010 11:36 pm**

wekekeke..

Code: Select all

poni : Miss christy, we don`t do any harm on the system. Just put this message . so you may fix your web soon. thanks

Gr33tz:

   ^Family-Code^, ^rumput_kering^, 0x99/JerryMaheswara, Paman, XShadow, psychopath, fl3xu5, gblack, mas_agung, Jundi, ^_xfree_^, systemofadown, yadoy666
, Phychole, Wilmar_Kidz, 3xtr3m3b0y, Darkzzzz, Shad.hckr,  And You... the marvellous XCoders those change the Indonesian Undergorund scenes

Http://forum.xcode.or.id

keren mas.. =))

Xcode gak kalah ma agnes monica yang Go International.. :ngakak: :ngakak:

Posted: **Sun May 30, 2010 11:37 pm**

mantabz om poni :love:

Posted: **Mon May 31, 2010 10:16 am**

upload dong bos poni POC-nya... :tapa: :tapa: :tapa: :tapa:

Posted: **Mon May 31, 2010 10:20 am**

wih.. nambah lagi nih bhan belajar.... :love: :love:

tq kk poni..... :devil :devil

Cyber Security Forum (X-code) - PT. Teknologi Server Indonesia

[Bug] SQL injection pada News Read ID (read.php?)

[Bug] SQL injection pada News Read ID (read.php?)

Re: [Bug] SQL injection pada News Read ID (read.php?)

Re: [Bug] SQL injection pada News Read ID (read.php?)

Re: [Bug] SQL injection pada News Read ID (read.php?)

Re: [Bug] SQL injection pada News Read ID (read.php?)

Re: [Bug] SQL injection pada News Read ID (read.php?)

Re: [Bug] SQL injection pada News Read ID (read.php?)

Re: [Bug] SQL injection pada News Read ID (read.php?)

Re: [Bug] SQL injection pada News Read ID (read.php?)

Re: [Bug] SQL injection pada News Read ID (read.php?)