backdoor Posted February 11, 2012 Report Share Posted February 11, 2012 (edited) BackZtage CMS suffers from shell upload and remote SQL injection vulnerabilities.BackZtage CMS ( SQLi/ File Upload ) Vulnerabilities Software : BackZtage Date : 2/9/2012 Vendor : BackZtage Media - Top Singapore, Hong Kong & China For Web Design, Corporate Website Design, Ecommerce Website Design, Flash Design, iPhone, Facebook, iPad & Androids Apps Development, Content Management Systems, Copywriting, Translation & Public Rel Software : BackZtage Media - Top Singapore, Hong Kong & China For Web Design, Corporate Website Design, Ecommerce Website Design, Flash Design, iPhone, Facebook, iPad & Androids Apps Development, Content Management Systems, Copywriting, Translation & Public Rel Dork : "Powered by BackZtage" Author : ITTIHACK Home : ITTIHACK SQL Injection: Exploit : http://target//search.php?id=[sqli] http://target//product.php?id=[sqli] http://target//photo.php?id=[sqli] File Upload: Exploit : http://target/admin/uploadlogin.php Demo Sites: daniel.poh-productions The A J Mason Group BACKZTAGE.COM | Behind The Scenes Guide To Fashion, Beauty, Lifestyle, Love & Sex, ZtageTV & ZtageLook in Hong Kong, China & SingaporeMay allah have mercy on the martyrs of SyriaSursa: BackZtage CMS Shell Upload / SQL Injection Recomand SQLMAP pt testing ... Edited February 11, 2012 by backdoor Quote Link to comment Share on other sites More sharing options...
co4ie Posted February 11, 2012 Report Share Posted February 11, 2012 sqlmap mai da si erori ... cel putin la mine... dar mi se pare cel mai usor de folosit si de personalizat !! Uniscan iti descopera vulnerabilitatile aste !! Ce nu am reusit sa imi dau seama cum functioneaza este sqlininja !!Frumos POC !! Quote Link to comment Share on other sites More sharing options...
backdoor Posted February 13, 2012 Author Report Share Posted February 13, 2012 1. Sqlmap suporta si parametri . Nu are rost sa faci test de MSSQL cand tu stii sigur ca e mysql.2. Pe BackTrack ai si uptiune de update. Quote Link to comment Share on other sites More sharing options...
bebemic Posted February 14, 2012 Report Share Posted February 14, 2012 am gasit un site frumos ce vinde likeuri pe fb si mai multe ..am incercat schmafuzz si nu merge...kktu de havij intra in el..dar dureaza 1 an sa adun ce e pe acolo,sqlmap da timeout la conectare....plm Quote Link to comment Share on other sites More sharing options...
co4ie Posted February 14, 2012 Report Share Posted February 14, 2012 1. Sqlmap suporta si parametri . Nu are rost sa faci test de MSSQL cand tu stii sigur ca e mysql.2. Pe BackTrack ai si uptiune de update.1. Stiu ca suporta paramerti ... pt mssql sunt altele care sunt special pt asta !2. Fa tu --update la sqlmap ... mie dupa fiecare update imi crapa si trebuie sa il reinstalez! Quote Link to comment Share on other sites More sharing options...
backdoor Posted February 15, 2012 Author Report Share Posted February 15, 2012 (edited) 1. SQLMAP functioneaza pentru: MSSQL , MYSQL , ORACLE. Pentru a forta testele sa se faca pt mysql folosesti ./sqlmap.py --dbms=mysql2. Nu stiu cum ii faci tu update. Eu folosesc "UPDATE MANAGER" de la ubuntu ... Acelasi lucru poti sa il faci cu aptitude updateaptitude upgradeLa fel de bine . Poti sa descarci sqlmap de pe sqlmap: automatic SQL injection and database takeover tool :wget Download sqlmap from SourceForge.nettar -zxf sqlmap-x.x.x.tar.gz cd sqlmap* ./sqlmap.py --your_paramsComplicat ? HUH ! Edited February 15, 2012 by backdoor Quote Link to comment Share on other sites More sharing options...
