Scribd
Upload
905 views

Exploit

The document summarizes a SQL injection vulnerability found in the website Geswebs. It provides details on the vulnerable URLs, a sample exploit, and thanks several hacking groups for their contributions. The vulnerability allows unauthorized access to the website's private administrative area by injecting SQL commands into URL parameters.

Uploaded by

Dsky MC
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
905 views

Exploit

The document summarizes a SQL injection vulnerability found in the website Geswebs. It provides details on the vulnerable URLs, a sample exploit, and thanks several hacking groups for their contributions. The vulnerability allows unauthorized access to the website's private administrative area by injecting SQL commands into URL parameters.

Uploaded by

Dsky MC
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=0

0
_
__
__
__
1
1
/' \
__ /'__`\
/\ \__ /'__`\
0
0
/\_, \
___
/\_\/\_\ \ \
___\ \ ,_\/\ \/\ \ _ ___
1
1
\/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\
0
0
\ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/
1
1
\ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\
0
0
\/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/
1
1
\ \____/ >> Exploit database separated by exploit
0
0
\/___/
type (local, remote, DoS, etc.)
1
1
0
0
[x] Official Website: http://www.1337day.com
1
1
[x] Support E-mail : mr.inj3ct0r[at]gmail[dot]com
0
0
1
1
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
0
0
I'm NuxbieCyber Member From Inj3ct0r TEAM
1
1
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-1
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxx
:
Geswebs - SQL Injection Vulnerability
:
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxx
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++
./Title Exploit : Geswebs - SQL Injection Vulnerability
./WebApps URL
: http://www.geswebs.com/
./Google Dork
: intext:"Sitio Web Diseado por: GesWebs"
./Author Exploit: [ TheCyberNuxbie ] [ [email protected] ] [ nux_exploit ]
./Security Risk : [ High Level ]
./Category XPL : [ WebApps/ZeroDay ]
./Time & Date
: July, 02 2012. 05:27 PM.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxx
|||
-=[ Use It At Your Risk ]=|||
|||
This Was Written For Educational Purpos Only
|||
|||
Author Will Be Not Responsible For Any Damage
|||
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxx
#############################################################################
####
#
# - SQL injection is a code injection technique that exploits a security
# vulnerability occurring in the database layer of an #application.
# The vulnerability is present when user input is either incorrectly
# filtered for string literal escape characters embedded in SQL #statements
# or user input is not strongly typed and thereby unexpectedly executed.
#
# - Affected items (SQLi):
# http://127.0.0.1/webapps/ver_producto.php?id=[SQLi]
# http://127.0.0.1/webapps/ver_productos.php?id_cat=[SQLi]
# http://127.0.0.1/webapps/ver_vivienda.php?id=[SQLi]
#
# - Sample WebApps Vuln (SQLi):
# http://carpinteriaduque.com/ver_producto.php?id=19' + [SQL Injection]
# http://chimeneasgabrielhenares.com/ver_producto.php?id=11' + [SQL
Injection]
# http://aguasunpools.es/ver_productos.php?id_cat=2' + [SQL Injection]
# http://inmobiliariabaza.com/ver_vivienda.php?id=5' + [SQL Injection]
# , etc...
#
# - Private Area:
# http://127.0.0.1/webapps/admin/ <--- LogIn Area...!!!
#
#
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++
#
# - Special Thanks:
# ...:::' 1337day - Inj3ct0r TEAM ':::...
# BoSs r0073r & All 31337 Member Inj3ct0r TEAM,,,
# , And All Inj3ct0r Fans & All Hacktivist,,,
#
# xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx[ Thanks For All
]xxxxxxxxxxxxxxxxxxxxxxxxxxxxx #
# [ Inj3ct0r | PacketStromSecurity | Exploit-ID | Devilzc0de |
SekuritiOnline ] #

# [ Codenesia | ID-BackTrack | IndonesianCoder | IndonesianHacker |


JatimCrew ] #
# [ E-C-H-O | ExploreCrew | Hacker-Newbie | Jasakom | YogyaCarderLink
./etc.. ] #
# -------------------[ We Are c0d3rs And We Are An Exploit ]------------------ #
# [ r0073r, Sid3^effects, r4dc0re, CrosS, SeeMe, indoushka, KnocKout, ZoRLu
] #
# [ anT!-Tr0J4n, KedAns-Dz, Kalashinkov3, Angel Injection, Sammy FORGIT,
NoGe ] #
# [ cr4wl3r, n0n0x, cyberlog, eidelweiss, v3n0m, g3mb3lz_YCL, Hmei7, kaMtiEz
] #
# [ y3dips, K-159, the_day, k1tk4t, mywisdom, Flyff666, ketek_b374k, Elmonny
] #
# [ jos_ali_joe, vYc0d, Cyberbag0r, SeekerUnZero, Dencowbie, Alex_Maxsum41
] #
# [ Teh Nofia, Teh Mawar, Teh Zuzzeta, Teh AfniGates, Chibie Reanaey ,etc...
] #
#############################################################################
####

You might also like