Scribd Logo
Upload

Welcome to Scribd!

  • ScriptCase SQL Injection Vulnerable

    Uploaded by

    hossein9yc
    164 views2 pages
    The document describes a SQL injection vulnerability found in the ScriptCase software. It provides details on the vulnerability including the affected version, steps to exploit it including example targets, and contact information for the author who discovered the issue and is identified as Hossein Hezami, also known as Dr.3v1l, a member of the Black_Devils B0ys Team.

    Original Description:

    ScriptCase SQL Injection Vulnerable

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document describes a SQL injection vulnerability found in the ScriptCase software. It provides details on the vulnerability including the affected version, steps to exploit it including example targets, and contact information for the author who discovered the issue and is identified as Hossein Hezami, also known as Dr.3v1l, a member of the Black_Devils B0ys Team.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    164 views2 pages

    ScriptCase SQL Injection Vulnerable

    Uploaded by

    hossein9yc
    The document describes a SQL injection vulnerability found in the ScriptCase software. It provides details on the vulnerability including the affected version, steps to exploit it including example targets, and contact information for the author who discovered the issue and is identified as Hossein Hezami, also known as Dr.3v1l, a member of the Black_Devils B0ys Team.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    #----------------------------------------------------------------------#

    #
    #
    #
    1010101010101010101010101010101010101010101010101
    #
    #
    0
    __
    _ __
    0
    #
    #
    1
    /'__`\
    /' \/\ \
    1
    #
    #
    0 /\_\ \ \ __ __ /\_, \ \ \
    0
    #
    #
    1 \/_/_\_<_ /\ \ /\ \\/_/\ \ \ \
    1
    #
    #
    0
    /\ \ \ \\ \ \_/ / \ \ \ \ \____
    0
    #
    #
    1
    \ \____/ \ \___/
    \ \_\ \_____\
    1
    #
    #
    0
    \/___/ \/__/
    \/_/\/_____/
    0
    #
    #
    1
    1
    #
    #
    0
    >> Dr.3v1l
    0
    #
    #
    1
    >> 0WebSecurity.IR
    1
    #
    #
    0
    0
    #
    #
    1 [+] E-Mail : B.Devils.B@gmail.com
    1
    #
    #
    0 [+] Y!
    : Teacher_3v1l
    0
    #
    #
    1
    1
    #
    #
    0 ########################################### 0
    #
    #
    1 I'm 3v1l member from Black_Devils B0ys Team 1
    #
    #
    0 ########################################### 0
    #
    #
    1
    1
    #
    #
    0101010101010101010101010101010101010101010101010
    #
    #
    #
    #----------------------------------------------------------------------#
    # [~] Exploit Title : ScriptCase SQL Injection vulnerable
    #
    # [~] Date
    : 2013
    #
    # [~] Author
    : Hossein Hezami ( Dr.3v1l )
    #
    # [~] Software
    : http://www.scriptcase.net
    #
    # [~] Version
    : ALL Versions
    #
    # [~] E-Mail
    : Teacher_3v1l@yahoo.com , B.Devils.B@gmail.com #
    # [~] Site
    : 0WebSecurity.ir
    #
    # [~] Tested on
    : Windows XP , Windows 7 , Windows 8
    #
    # [~] Google Dork
    : inurl:"/scelta_categoria.php?categoria="
    #
    #======================================================================#
    # [+] SQL I Exploit :
    #
    #
    #
    #
    [Target]/[path]/scelta_categoria.php?categoria=[SQLi]
    #
    #
    #
    #----------------------------------------------------------------------#
    # [+] Demo :
    #
    #
    #
    #
    http://www.grossetoannunci.it/scelta_categoria.php?categoria=14 #
    #
    http://www.livorno-annunci.com/scelta_categoria.php?categoria=14 #
    #
    #
    #----------------------------------------------------------------------#
    # [+] Note :
    #
    #
    #
    #
    This is a simple sql injection ;)
    #
    #
    #
    #----------------------------------------------------------------------#
    #
    #
    # [+] Contact Me :
    #
    #
    #
    #
    Teacher_3v1l@yahoo.com
    #
    #
    Black_Devils.B0ys@yahoo.com
    #
    #
    Teacher.3v1l@live.com
    #
    #
    B.Devils.B@gmail.com
    #
    #
    Twitter.com/Doctor_3v1l
    #
    #
    IR.LinkedIN.com/IN/Hossein3v1l
    #
    #
    #

    #======================================================================#

    You might also like