010101010101010101010101010101010101010101010101010101010
0
1 Iranian Datacoders Security Team 2010 - 2013
0
1 WWW.DataCoders.Org
010101010101010101010101010101010101010101010101010101010
####################################
# Exploit Title: DIGIT Israelian CMS Blind SQL Injection Vulnerability
# Date: 14/07/2013
# Author: IR-DataCoders
# Vendor Link: http://www.dig-it.co.il/
# Price: 666.98 US Dollar
# Version : All
# Platform / Tested on: asp/windows 2003
# Google Dork: intext:"Site by DIGIT"
# Category: webapplications
# Code : [BSQL injection]
# Our Website: http://www.datacoders.org/
####################################
PoC :
http://site/default.asp?langId=2[bsql injection]
Live demo :
http://www.idXan.com/Default.asp?PageId=37938&FragmentId=398655[bsql injection]
http://www.stuXdiotino.co.il/default.asp?langId=2[bsql injection]
http://www.asicoXhen.com/Default.asp?LangId=2[BSQL Injection]
http://www.sdXle.co.il/default.asp?langId=2[BSQL Injection]
Good Luck
###################################
# We Are: H-SK33PY | Immortal Boy | D4rkC0d3 | Noter | Rezous^Nihasa | Monster佝ace | #
# | Stormy | Dr.Mute | M0ri | patriotic | black_king | XPro0grammer | VRAnonymous #
# #
# #
# Special Thanks to : #
# Pejvak , l3l4ck.$c0rpi0n , Satanic2000 , Hellboy , A.Cr0x , Ahmadbady , S3Ri0uS #
# #
# And All Iranian DataCoders Members #
# #
# Don't Forget => WwW.DataCoders.Org #
###################################