Username Password

Lost Password
View Thread
Explore Your Brain » All About Security I.T » Info Security
HAVECMS 2.0 Beta <======= SQL Injection
Username
Password
Register FAQ Members List Today's Posts Search

Print Thread

22-06-2010 10:06 PM HAVECMS 2.0 Beta <======= SQL Injection
User Avatar

Aurel 666
Genin Senior


Posts: 75
Joined: 14.09.08
Location: Hell Awaits
Age: 42
Sekedar Share aja Grin

=============================================
HAVECMS 2.0 Beta <======= SQL Injection
=============================================

Author: Aurel 666
Exploit Title: SQL Injection
Vendor url:http://havecms.jember.info/ (Indonesia)
Version:2.0 Beta Tested
Category : Web Apps
Greetz to:Cyberlog,Ridho_Dbug,BlueKids,Cruz3n,T0m,T0mahawk aki2 Embeker (All Wedhus), fl3xus, Eva-00, and All My Friend in CyberWorld
Special Greetz: Jasakom, Echo, XYB, Security Online, Indobacktrack, And All Indonesian Security Community
*~*~~*~*~*~*~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~**~*~

Vulnerability:
Demo URL : http://localhost/?mod=2&q=(SQL)


*~*~~*~*~*~*~*~*~*~*~*~*~*~*~*~~*~*~*~*~*~**~*~~*~*~*~*~*~*~*~*~*~~*~*~*~*~*~*~*~*~*~*

#end
 
Offline
23-08-2010 11:43 AM RE: HAVECMS 2.0 Beta <======= SQL Injection
User Avatar

odiex
Genin


Posts: 43
Joined: 13.08.10
????? BINGUNG GAN??? Apaansich
-----------------------O.D.I.E.X-----------------------
On Duty Inject Exploit the X systems.
 
Offline
23-08-2010 12:44 PM RE: HAVECMS 2.0 Beta <======= SQL Injection
User Avatar

EVA-00
HackAge


Posts: 2770
Joined: 21.05.08
Location: Wallahu a'lam
Age: 38
yang bingung apanya bro?
Nabi Muhammad SAW bersabda :ā€¯ Barangsiapa Yang Mengamalkan Ilmu Yang Ia Ketahui Maka Allah Akan Memberikan Kepadanya Ilmu Yang Belum Ia Ketahuiā€¯ (HR. Imam Ahmad).

..::shn6 u!vJq Jnoh 3Joldx3 d33>I::..
 
Offline
23-08-2010 02:52 PM RE: HAVECMS 2.0 Beta <======= SQL Injection
User Avatar

odiex
Genin


Posts: 43
Joined: 13.08.10
yang ini gan..

http://havecms.jember.info/?mod=9&id=49&id=4
-----------------------O.D.I.E.X-----------------------
On Duty Inject Exploit the X systems.
 
Offline
23-08-2010 02:56 PM RE: HAVECMS 2.0 Beta <======= SQL Injection
User Avatar

EVA-00
HackAge


Posts: 2770
Joined: 21.05.08
Location: Wallahu a'lam
Age: 38
itu mah file uploadnya udah di delete sama admin/developernya bro makanya ga bisa di download filenya.

mungkin kl nanti kl bugnya udah di benerin bisa di download lagi.
Nabi Muhammad SAW bersabda :ā€¯ Barangsiapa Yang Mengamalkan Ilmu Yang Ia Ketahui Maka Allah Akan Memberikan Kepadanya Ilmu Yang Belum Ia Ketahuiā€¯ (HR. Imam Ahmad).

..::shn6 u!vJq Jnoh 3Joldx3 d33>I::..
 
Offline
23-08-2010 03:25 PM RE: HAVECMS 2.0 Beta <======= SQL Injection
User Avatar

odiex
Genin


Posts: 43
Joined: 13.08.10
ow.... pantesan aja gan...!! hehehehe... tapi kok aneh ya gan, biasanya tampil pesan "file not found" ato yg lain-lain tp ini kok nampilin errornya ya gan....???? jadi bingung nih. oia gan EVA.. ebook yg di upload dari www.kitaupload.com kebanyakan kok gak bisa didownload ya gan??? apa karena filenya udah gak ada jg sama kasus denagn yg ini gan????
-----------------------O.D.I.E.X-----------------------
On Duty Inject Exploit the X systems.
 
Offline
23-08-2010 03:48 PM RE: HAVECMS 2.0 Beta <======= SQL Injection
User Avatar

EVA-00
HackAge


Posts: 2770
Joined: 21.05.08
Location: Wallahu a'lam
Age: 38
Server kitaupload hardsiknya pernah crash, dan file2 xyb yg udah pernah di upload disana ya ikuta crash. makanya file xyb khususnya yg di upload di kitaupload semuanya pada dead link.
Nabi Muhammad SAW bersabda :ā€¯ Barangsiapa Yang Mengamalkan Ilmu Yang Ia Ketahui Maka Allah Akan Memberikan Kepadanya Ilmu Yang Belum Ia Ketahuiā€¯ (HR. Imam Ahmad).

..::shn6 u!vJq Jnoh 3Joldx3 d33>I::..
 
Offline
23-08-2010 04:18 PM RE: HAVECMS 2.0 Beta <======= SQL Injection
User Avatar

odiex
Genin


Posts: 43
Joined: 13.08.10
waduh...waduh... pantesan gan gak bisa download. padahal ebooknya bagus2 gan yg di tampilin di cini.... sayang bagt tuh gan ya... Huh
-----------------------O.D.I.E.X-----------------------
On Duty Inject Exploit the X systems.
 
Offline
15-09-2010 10:15 AM RE: HAVECMS 2.0 Beta <======= SQL Injection
User Avatar

odiex
Genin


Posts: 43
Joined: 13.08.10
haveCMS itu apa bener aplikasi website cms seperti cms-cms joomla, php-fusion, cms indo, mambo dll ya bro???
-----------------------O.D.I.E.X-----------------------
On Duty Inject Exploit the X systems.
 
Offline
26-09-2010 09:52 PM RE: HAVECMS 2.0 Beta <======= SQL Injection
User Avatar

EVA-00
HackAge


Posts: 2770
Joined: 21.05.08
Location: Wallahu a'lam
Age: 38
@odiex -> iya Havecms adalah salah satu Public CMS yang di kembangkan oleh orang indonesia.
Nabi Muhammad SAW bersabda :ā€¯ Barangsiapa Yang Mengamalkan Ilmu Yang Ia Ketahui Maka Allah Akan Memberikan Kepadanya Ilmu Yang Belum Ia Ketahuiā€¯ (HR. Imam Ahmad).

..::shn6 u!vJq Jnoh 3Joldx3 d33>I::..
 
Offline
Jump to Forum:
Forum powered by fusionBoard
Share this Thread
URL:
BBcode:
HTML:
Similar Threads
Thread Forum Replies Last Post
SQL injection [Attack + Defense] Black & White Proof of Concept 8 10-05-2011 22:06
HTML Injection In Social Networking Site (POC For Dummies) Black & White Proof of Concept 14 17-03-2011 20:31
WebSuite Content Management System (SQL Injection) Info Security 3 13-09-2010 19:06
Hotel reservation System (city.asp city) Blind SQL Injection Vulnerability Author: JosS Info Security 2 23-08-2010 12:57
Joomla Component Ignite Gallery 0.8.3 SQL Injection Vulnerability Info Security 9 23-08-2010 12:45
Copyright © 2007-2016