Tiendas Online SQL Injection Vulnerability
=============================================================================
Last login: Sat Sep 14 01:59:02 on console
______ ___
______ ___/ / / / /
/ / /___ ____ ___/__ / / ____ ____ _______ ____ ___/ /
: / / / \/__ \/ / / / \/ \/ \/ / \/ \/ /
| / / / / / / / / / / / / / /__/ / /__/ / / / /
--X-- / / / / / / / / / / / / / / / /__ / __/ / /
|\____/__/__/\____/\____/__/__/__/\____/__/ /__/ / /\____/\____/
: ____ \____/:
/ \____ ____ ____ ____ ____ |
/ / / \/ \/ \/ \/ --X--
Don Tukulesto / / /__/ /__/ / / /__/ /__/|
/ / / / / / / __/__ /__ / :
/__/__/\____/\____/\____/ / / / /
www.indonesiancoder.com\____/\____/
=============================================================================
[Author Info]
Name : Don Tukulesto (root@indonesiancoder.com)
Homepage : http://indonesiancoder.com
Tested On : Os X Version 10.8.4
=================================
| Software Info |
=================================
[>] Category : Web Apps
[>] Vendor : http://tiendastore.net // mipagina.net
[>] Software : Shopping Cart - tiendastore.net
[>] Description : Design of online stores customized Internet marketing products that allow a brand or company.
The best way to sell products online, the equivalent of a physical.
=================================
Proof of Concept
[>] http://server/cat_ver_producto.php?id_catalogo_producto=[number][INFECTED]
[>] http://server/cat_lista_productos.php?id_catalogo_categoria=[number][INFECTED]
=============================================================================
Indonesian Coder // Malang Cyber Crew // Exploit-ID // Kill-9 Crew
[-] k4L0ng666 ~ YaDoY666 ~ Zen_Rooney ~ Xr0b0t ~ jos_ali ~ vYc0D
[-] V3N0M ~ Pathloader ~ Contrex ~ Arianom ~ YOU!!!
We are the watchmen, the hackers who quietly observe the scene.
Get the Codes and Feel the Soul.