####################################################### ##################{In The Name Of God}################# ####################################################### ############################################ # Exploit Title:My Qingfeng SQLI Injection Vulnerability # Date: Sunday, April 16, 2017-04-16 # Author: Ashiyane Digital Security Team # Vendor Homepage : http://www.myqingfeng.cn # Tested On : Windows 10 / Chrome ############################################ ######## # Google Dork : intext:myqingfeng.cn inurl:.php?nid= ######## ######## # Demo 1 : http://www.lyssy.com.cn/newsInfo.php?nid=[SQLI] # # Demo 2 : http://www.jzjscc.com/newsInfo.php?nid=[SQLI] # # Demo 3 : http://www.hnzbo.com/newsInfo.php?nid=[SQLI] # # Demo 4 : http://wufangjc.com/newsInfo.php?nid=[SQLI] # # Demo 5 : http://www.lyhjks.com/newsInfo.php?nid=[SQLI] # # Demo 6 : http://www.zjhtdoors.com/newsInfo.php?nid=[SQLI] ######## [+][+][+][+][+][+][+][+][+][+][+][+] Discovered By : HackFanS [+][+][+][+][+][+][+][+][+][+][+][+] *=============================================================| | Special Thanks To : Behrooz_Ice? Virangar ,H_SQLI.EMpiRe ? Ehsan Cod3r ? SeRaVo | Und3rgr0und ? Amir.ght ? xenotix? modiret? V For Vendetta ? Alireza ? micle - H.Hemat | r4ouf ? Net Hacker ? 4TT4CK3R ? alcol ? 1TED ? H4554N? shahroukh? Saeid_9n ? CRISIS | Chris ? Muts ? B14CK SPID3R ? MALWaRE43 ? moh3nra021 , Sha4yan , M.R.S.L.Y - Amir Th - Cyber.Defacer | And All Of My Friends ... *=============================================================|