Jump to content
backdoor

BackZtage CMS Shell Upload / SQL Injection

By backdoor, in Exploituri

Recommended Posts

backdoor Newbie

backdoor

Posted
Posted (edited)

BackZtage CMS suffers from shell upload and remote SQL injection vulnerabilities.

BackZtage CMS ( SQLi/ File Upload ) Vulnerabilities

Software : BackZtage

Date : 2/9/2012

Vendor : BackZtage Media - Top Singapore, Hong Kong & China For Web Design, Corporate Website Design, Ecommerce Website Design, Flash Design, iPhone, Facebook, iPad & Androids Apps Development, Content Management Systems, Copywriting, Translation & Public Rel

Software : BackZtage Media - Top Singapore, Hong Kong & China For Web Design, Corporate Website Design, Ecommerce Website Design, Flash Design, iPhone, Facebook, iPad & Androids Apps Development, Content Management Systems, Copywriting, Translation & Public Rel

Dork : "Powered by BackZtage"

Author : ITTIHACK

Home : ITTIHACK

SQL Injection:

Exploit : http://target//search.php?id=[sqli]

http://target//product.php?id=[sqli]

http://target//photo.php?id=[sqli]

File Upload:

Exploit : http://target/admin/uploadlogin.php

Demo Sites: daniel.poh-productions

The A J Mason Group

BACKZTAGE.COM | Behind The Scenes Guide To Fashion, Beauty, Lifestyle, Love & Sex, ZtageTV & ZtageLook in Hong Kong, China & Singapore

May allah have mercy on the martyrs of Syria

Sursa: BackZtage CMS Shell Upload / SQL Injection

Recomand SQLMAP pt testing ...

Edited by backdoor
co4ie Newbie

co4ie

Posted
Posted

sqlmap mai da si erori ... cel putin la mine... dar mi se pare cel mai usor de folosit si de personalizat !! Uniscan iti descopera vulnerabilitatile aste !! Ce nu am reusit sa imi dau seama cum functioneaza este sqlininja !!

Frumos POC !!

bebemic Newbie

bebemic

Posted
Posted

am gasit un site frumos ce vinde likeuri pe fb si mai multe ..am incercat schmafuzz si nu merge...kktu de havij intra in el..dar dureaza 1 an sa adun ce e pe acolo,sqlmap da timeout la conectare....plm

co4ie Newbie

co4ie

Posted
Posted
1. Sqlmap suporta si parametri . Nu are rost sa faci test de MSSQL cand tu stii sigur ca e mysql.

2. Pe BackTrack ai si uptiune de update.

1. Stiu ca suporta paramerti ... pt mssql sunt altele care sunt special pt asta !

2. Fa tu --update la sqlmap ... mie dupa fiecare update imi crapa si trebuie sa il reinstalez!

backdoor Newbie

backdoor

Posted
  • Author
Posted (edited)

1. SQLMAP functioneaza pentru: MSSQL , MYSQL , ORACLE. Pentru a forta testele sa se faca pt mysql folosesti

./sqlmap.py --dbms=mysql

2. Nu stiu cum ii faci tu update. Eu folosesc "UPDATE MANAGER" de la ubuntu ... Acelasi lucru poti sa il faci cu

aptitude update

aptitude upgrade

La fel de bine . Poti sa descarci sqlmap de pe sqlmap: automatic SQL injection and database takeover tool :

wget Download sqlmap from SourceForge.net

tar -zxf sqlmap-x.x.x.tar.gz

cd sqlmap*

./sqlmap.py --your_params

Complicat ? HUH !

Edited by backdoor

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...