[+] Use it at your risk,,,
[+] Made In Indonesia
-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx-
# Exploit Title: ECShop => SQL Injection Vulnerability
# Date: June , 20 , 2012
# Author: phiA
-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx-
# E-mail : phia0343s@hackermail.com
# Category: [webapps] 0day
# Vendor : www.ecshop.com
# Version : 2.7.2
-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx-
# Google dork: inurl:mobile/goods.php?id= intext:powered by ECShop
# Security risk : Critical
# Tested on: BackTrack 5
# Demo site: http://www.my2u.com.my/mobile/goods.php?id=34[sqli]
http://www.91pf.net/mobile/goods.php?id=3300[sqli]
http://www.gumpmall.com/mobile/goods.php?id=2920[sqli]
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Thankz
to : Indonesian Grey Hat Team, Jakarta Anonymous Club , BlackNewbie
Team , Id-Backtrack , Indonesian Blackhat , Yogyacarderlink , HN
Community.
Greetz :
DePe , Arai Maulana , Noxtra , Sany Morphic , Vicky cyber , RadityaHN ,
X-Cisadane , Newbie Lasax , Arul Zomb , Madan Newbie , Sera Mania ,
Drevo80 ./etc
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
{QUOTE]
[+] Indonesian people here
[+] You should have eXpectED us
or you can see the mirror on http://1337day.com/exploits/18743