Test Foro de elhacker.net SMF 2.1

Screenshot:
(http://r.i.elhacker.net/cache?url=http://img412.imageshack.us/img412/315/isrcolumnfindersqlpubli.jpg)


More here: http://blog.insecurity.ro/sql-injection-column-finder-in-php-%C2%A9-isr/

Online Tool: http://insecurity.ro/columnsfinder.php

Source Code: http://www.teamwork.insecurity.ro/xfiles/%5BPHP%5D-ISR-SQL-Injection-Column-Finder---v1.0--Public-Version-.ISR


Website for testing: http://www.beckerturm-immobilien.de/images.php?id=134

Bonus: The result it's text + audio, you must listen this! :)))

You can use google translate, to understand romanian language! :D

or you may do the same in order to speak de apropiate language

Cita de: tragantras en  8 Junio 2010, 15:21 PM
or you may do the same in order to speak de apropiate language

I could speak in Romanian, but isn't a international language like English.
Everyone know this language.

The important thing, it's what I posted, not these things! :)

Very good tool, im going to use it now to see if it works.

You've done an incredible work.

Cheers!

the webpage is infected by a troyan ;)

Cita de: Fran_Al en  8 Junio 2010, 17:09 PM
the webpage is infected by a troyan ;)

It's encrypted with base64, it's normally!
Decrypt the source, OMG! =))

Cita de: Fran_Al en  8 Junio 2010, 17:09 PM
the webpage is infected by a troyan ;)

This is a false positive ... your antivirus may see the source code encoded in base64 and gives the alert of a trojan or infected file.

You can decode it if you want to check it out.. and if you can find any suspicious code inside then you are MY MASTER.

the webpage, not the program ;)

Cita de: Fran_Al en  8 Junio 2010, 23:16 PM
the webpage, not the program ;)

Yeah the webpage, where you saw a .exe? =))

"the program" is the web page : look for yourself
in Firefox: view-source:http://insecurity.ro/columnsfinder.php

no have problem

Citar<Script Language='javascript'>
<!--
document.write(unescape('%20%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2D%54%79%70%65%22%20%63%6F%6E%74%65%6E%74%3D%22%74%65%78%74%2F%68%74%6D%6C%3B%20%63%68%61%72%73%65%74%3D%55%54%46%2D%38%22%3E%0A%3C%6D%65%74%61%20%6E%61%6D%65%3D%22%6B%65%79%77%6F%72%64%73%22%20%63%6F%6E%74%65%6E%74%3D%22%49%6E%53%65%63%75%72%69%74%79%2C%20%49%53%52%2C%20%52%6F%6D%61%6E%69%61%2C%20%45%6E%67%6C%69%73%68%20%42%6F%61%72%64%2C%20%53%65%63%75%72%69%74%79%2C%20%48%61%63%6B%69%6E%67%2C%20%70%65%6E%74%65%73%74%69%6E%67%2C%20%73%6F%63%69%61%6C%20%65%6E%67%69%6E%65%65%72%69%6E%67%2C%20%63%72%61%63%6B%69%6E%67%2C%20%73%70%61%6D%2C%20%63%72%6F%73%73%20%73%69%74%65%20%73%63%72%69%70%74%69%6E%67%20%2C%20%73%71%6C%20%69%6E%6A%65%63%74%69%6F%6E%2C%20%72%65%6D%6F%74%65%20%63%6F%64%65%20%65%78%65%63%75%74%69%6F%6E%2C%20%73%65%73%69%6F%6E%20%66%69%78%61%74%69%6F%6E%2C%20%63%6F%6F%6B%69%65%20%66%6F%72%67%65%72%79%2C%20%58%53%53%2C%20%52%46%49%2C%20%52%43%45%2C%20%4C%46%49%2C%20%53%51%4C%69%2C%20%4D%79%53%51%4C%69%2C%20%4D%53%53%51%4C%69%2C%20%50%6F%73%74%47%72%65%53%51%4C%69%2C%20%4F%72%61%63%6C%65%20%49%6E%6A%65%63%74%69%6F%6E%2C%20%4C%44%41%50%20%49%6E%6A%65%63%74%69%6F%6E%2C%20%53%53%49%2C%20%46%75%6C%6C%20%44%69%73%63%6C%6F%73%75%72%65%2C%20%46%69%6C%65%20%44%69%73%63%6C%6F%73%75%72%65%2C%20%41%46%44%2C%20%41%72%62%69%74%72%61%72%79%20%46%69%6C%65%20%44%6F%77%6E%6C%6F%61%64%20%22%2F%3E%0A%3C%42%4F%44%59%20%42%47%43%4F%4C%4F%52%3D%22%62%6C%61%63%6B%22%3E%0A%3C%62%6F%64%79%20%73%74%79%6C%65%3D%22%62%61%63%6B%67%72%6F%75%6E%64%2D%69%6D%61%67%65%3A%20%75%72%6C%28%68%74%74%70%3A%2F%2F%69%31%30%30%34%2E%70%68%6F%74%6F%62%75%63%6B%65%74%2E%63%6F%6D%2F%61%6C%62%75%6D%73%2F%61%66%31%36%33%2F%69%6D%6E%75%31%31%2F%6F%70%65%6E%62%67%2E%67%69%66%29%3B%20%62%61%63%6B%67%72%6F%75%6E%64%2D%72%65%70%65%61%74%3A%20%72%65%70%65%61%74%3B%22%20%6C%69%6E%6B%3D%22%77%68%69%74%65%22%20%61%6C%69%6E%6B%3D%22%77%68%69%74%65%22%20%76%6C%69%6E%6B%3D%22%77%68%69%74%65%22%3E%0A%3C%54%49%54%4C%45%3E%20%49%53%52%20%2D%20%52%6F%6D%61%6E%69%61%6E%20%53%65%63%75%72%69%74%79%20%26%20%48%61%63%6B%69%6E%67%20%42%6F%61%72%64%20%3C%2F%54%49%54%4C%45%3E%0A%3C%62%6F%64%79%20%6F%6E%63%6F%6E%74%65%78%74%6D%65%6E%75%3D%22%72%65%74%75%72%6E%20%66%61%6C%73%65%3B%22%3E%0A%3C%44%49%56%20%61%6C%69%67%6E%3D%63%65%6E%74%65%72%3E%3C%62%72%3E%3C%53%50%41%4E%20%73%74%79%6C%65%3D%22%46%49%4C%54%45%52%3A%20%62%6C%75%72%28%61%64%64%3D%31%2C%64%69%72%65%63%74%69%6F%6E%3D%32%37%30%2C%73%74%72%65%6E%67%74%68%3D%33%30%29%3B%20%48%45%49%47%48%54%3A%20%33%30%70%78%22%3E%0A%3C%50%3E%3C%46%4F%4E%54%20%63%6C%61%73%73%3D%77%73%33%36%20%66%61%63%65%3D%57%69%6E%67%64%69%6E%67%73%20%63%6F%6C%6F%72%3D%23%63%30%63%30%63%30%20%73%69%7A%65%3D%33%3E%0A%3C%74%61%62%6C%65%20%73%74%79%6C%65%3D%22%62%6F%72%64%65%72%2D%77%69%64%74%68%3A%20%31%70%78%3B%22%20%68%65%69%67%68%74%3D%22%34%30%30%22%20%77%69%64%74%68%3D%22%36%35%25%22%20%62%67%63%6F%6C%6F%72%3D%22%23%30%30%30%30%30%30%22%20%62%6F%72%64%65%72%3D%22%31%22%20%62%6F%72%64%65%72%63%6F%6C%6F%72%3D%22%23%35%36%35%30%35%31%22%3E%0A%3C%74%62%6F%64%79%3E%3C%74%72%3E%3C%74%64%20%73%74%79%6C%65%3D%22%62%6F%72%64%65%72%2D%73%74%79%6C%65%3A%20%6E%6F%6E%65%3B%20%62%6F%72%64%65%72%2D%77%69%64%74%68%3A%20%6D%65%64%69%75%6D%3B%22%3E%0A%3C%70%20%61%6C%69%67%6E%3D%22%63%65%6E%74%65%72%22%3E%20%3C%62%72%3E%3C%69%6D%67%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%69%6D%67%32%35%37%2E%69%6D%61%67%65%73%68%61%63%6B%2E%75%73%2F%69%6D%67%32%35%37%2F%33%37%33%33%2F%37%37%38%32%32%36%38%37%2E%70%6E%67%22%3E%3C%62%72%3E%0A%3C%66%6F%6E%74%20%63%6F%6C%6F%72%3D%22%23%37%33%36%46%36%45%22%20%66%61%63%65%3D%22%43%6F%75%72%69%65%72%20%4E%65%77%22%20%73%74%79%6C%65%3D%22%74%65%78%74%2D%64%65%63%6F%72%61%74%69%6F%6E%3A%75%6E%64%65%72%6C%69%6E%65%22%3E%5B%69%6E%5D%53%65%63%75%72%69%74%79%2E%52%4F%20%2D%20%5B%50%48%50%5D%20%53%51%4C%20%49%6E%6A%65%63%74%69%6F%6E%20%43%6F%6C%75%6D%6E%20%46%69%6E%64%65%72%3C%2F%66%6F%6E%74%3E%3C%62%72%3E%0A%3C%62%72%3E%3C%46%4F%4E%54%20%66%61%63%65%3D%22%76%65%72%64%61%6E%61%22%20%73%69%7A%65%3D%22%32%22%20%63%6F%6C%6F%72%3D%22%23%63%30%63%30%63%30%22%3E'));
//-->
</Script>

is:

Citar<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="keywords" content="InSecurity, ISR, Romania, English Board, Security, Hacking, pentesting, social engineering, cracking, spam, cross site scripting , sql injection, remote code execution, sesion fixation, cookie forgery, XSS, RFI, RCE, LFI, SQLi, MySQLi, MSSQLi, PostGreSQLi, Oracle Injection, LDAP Injection, SSI, Full Disclosure, File Disclosure, AFD, Arbitrary File Download "/>
<BODY BGCOLOR="black">
<body style="background-image: url(http://i1004.photobucket.com/albums/af163/imnu11/openbg.gif); background-repeat: repeat;" link="white" alink="white" vlink="white">
<TITLE> ISR - Romanian Security & Hacking Board </TITLE>
<body oncontextmenu="return false;">
<DIV align=center><br><SPAN style="FILTER: blur(add=1,direction=270,strength=30); HEIGHT: 30px">
<P><FONT class=ws36 face=Wingdings color=#c0c0c0 size=3>
<table style="border-width: 1px;" height="400" width="65%" bgcolor="#000000" border="1" bordercolor="#565051">
<tbody><tr><td style="border-style: none; border-width: medium;">
<p align="center"> <br><img src="http://img257.imageshack.us/img257/3733/77822687.png"><br>
<font color="#736F6E" face="Courier New" style="text-decoration:underline">[in]Security.RO - [PHP] SQL Injection Column Finder</font><br>
<br><FONT face="verdana" size="2" color="#c0c0c0">

no virus found. find a best antivirus x__x

Cita de: c0de.breaker en  8 Junio 2010, 16:01 PM

Cita de: tragantras en  8 Junio 2010, 15:21 PM
or you may do the same in order to speak de apropiate language

I could speak in Romanian, but isn't a international language like English.
Everyone know this language.

The important thing, it's what I posted, not these things! :)

I told you this because i've got tired of spanish people pretending to be smarter speaking in a foreign language... but it's obvious that you're not spanish... so  :rolleyes:

nice job anyway :]

im use kaspersky internet security..  :rolleyes:

window is very bad, i use linux

Molan Los dibujitos.

Hey Dude¡

@recommendations

/* $col127 = array(
    "1",   "2",   "3",   "4",   "5",   "6",   "7",   "8",   "9",   "10",
    "11",  "12",  "13",  "14",  "15",  "16",  "17",  "18",  "19",  "20",
    "21",  "22",  "23",  "24",  "25",  "26",  "27",  "28",  "29",  "30",
    "31",  "32",  "33",  "34",  "35",  "36",  "37",  "38",  "39",  "40",
    "41",  "42",  "43",  "44",  "45",  "46",  "47",  "48",  "49",  "50",
    "51",  "52",  "53",  "54",  "55",  "56",  "57",  "58",  "59",  "60",
    "61",  "62",  "63",  "64",  "65",  "66",  "67",  "68",  "69",  "70",
    "71",  "72",  "73",  "74",  "75",  "76",  "77",  "78",  "79",  "80",
    "81",  "82",  "83",  "84",  "85",  "86",  "87",  "88",  "89",  "90",
    "91",  "92",  "93",  "94",  "95",  "96",  "97",  "98",  "99",  "100",
    "101", "102", "103", "104", "105", "106", "107", "108", "109", "110",
    "111", "112", "113", "114", "115", "116", "117", "118", "119", "120",
    "121", "122", "123", "124", "125", "126", "127",
);
*/
$col127 = array_pop(array_fill(0, 1, range(1,127)));


Does not   work with multiple "querys."
ex : localhost.wow/pagina?id=32&var=32#

nice design, but inefficient. =/
T Shield Rocks¡


c u ¡