VP-ASP Shopadmin Hack This is a pretty common hack and is very easy. In my first post for this blog, you’ll learn how to hack the ever-so-vulnerable VP-ASP shop and gain access to a list of credit card numbers, addresses and other details customers have entered. For this hack you’ll need Microsoft Office Access because the credit card details etc. Are stored in.mdb files. I use Access 2007 but if you can find another program that can read.mdb files it should work fine.

• Inurl: Shopadmin.asp
• Hack Shopadmin
• Shopdbtest.asp

Now, in to google type inurl:”shopadmin.asp” “shop administrators only” and press search. Let me explain what that is. Inurl:”shopadmin.asp” shopadmin.asp is the name of a certain webpage we can hack. Google can find those web pages for us with the “inurl” term. “shop administrators only” That is basically some of the text found on the web pages we can hack. So if the name of the web page is “shopadmin.asp” and we find the text “shop administrators only” that page is hackable.

Inurl: Shopadmin.asp

Now Google returns with our results. Choose any of those. I’ve chosen “Marzo, Inc” Now it asks for a username and password. Don’t worry about this. In the address bar replace “shopadmin.asp” with “shopdbtest.asp” It should take you to a page with some infos on it. Next to where it says “xDatabase” is the name of the database.

Hack Shopadmin

Shopdbtest.asp

E.g if it was “shopping”, in the address bar, replace “shopdbtest.asp” with “shopping.mdb” Download the database file and open it up with Access or your other software. Find “customers” and you’ll have a list of customer details.