Honeycomb Creative SQL Injection

2011-07-15T00:00:00
ID PACKETSTORM:103084
Type packetstorm
Reporter Sideswipe
Modified 2011-07-15T00:00:00

Description

                                        
                                            `.d8888. d888888b d8888b. d88888b .d8888. db d8b db d888888b d8888b. d88888b   
88' YP `88' 88 `8D 88' 88' YP 88 I8I 88 `88' 88 `8D 88'   
`8bo. 88 88 88 88ooooo `8bo. 88 I8I 88 88 88oodD' 88ooooo   
`Y8b. 88 88 88 88~~~~~ `Y8b. Y8 I8I 88 88 88~~~ 88~~~~~   
db 8D .88. 88 .8D 88. db 8D `8b d8'8b d8' .88. 88 88.   
`8888Y' Y888888P Y8888D' Y88888P `8888Y' `8b8' `8d8' Y888888P 88 Y88888P   
  
  
###############################################################################  
[+] Title:- HoneycombCreative => Sql injection Vulnerability  
[+] Date:- 13/07/2011  
[+] Authod:- Sideswipe  
[+] Category:- web/apps  
[+] Google dork:-  
[+] Tested on:- Windows 7  
###############################################################################  
  
[-] Demo Site  
|  
|------ *http://www.afprinting.ca/index.php?id=41'  
|  
|------ *http://www.thebcinspector.ca/index.php?id=141'  
|  
|------ *http://www.theravenproject.ca/index.php?id=166'  
  
  
[+]Admin panel:-  
|  
|------ *http://www.site.com/sitemanager/login.php  
  
###############################################################################  
_____ ______ _   
|_ _| | ___ \ | |   
| | __ _ _ __ ___ | |_/ / __ _ ___| | __  
| | / _` | '_ ` _ \ | ___ \/ _` |/ __| |/ /  
_| |_ | (_| | | | | | | | |_/ / (_| | (__| <   
\___/ \__,_|_| |_| |_| \____/ \__,_|\___|_|\_\   
  
###############################################################################  
Greatz to :~  
Ratchet,underscore,!-Bb0yH4cK3r_Dz-!,hackcore,saxxor,ethicaln00b,  
j|nx,Th3Mast3r,Foxmind,Cyberseller,shani,anthrax,krishandpatill,  
ssgodfather,xConsole,balazee,Xan,starlash,Hexcoder,balazee,r00tdevil.  
--And all my friends--  
################################################################################  
  
  
`