Monday, January 9, 2012

MangosWeb SQL Vulnerability - My First 0day!

I was doing an assessment for a friend no his new site and i discovered a SQL POST injection vector via the login form being used in the CMS he had chosen. I worked my way through the site in my usual full detailed approach and when I was done I thought to myself - why is it vulnerable? I checked the CMS he was running and then I decided to start using the power of Google to see if I could find any other sites using the same software. I soon found a working dork which produced a ton of results and low and behold the injection vector seemed to be present on almost all of them I came across. I had to play with the injection syntax to come up with a few universals, but I am happy to say that my work was published to the exploit-db and 1337day exploit database sites - made my year already!

Here are the links to the full details on the exploit:
Exploit-DB: http://www.exploit-db.com/exploits/18335/
1337day: http://www.1337day.com/exploits/17350

The point here is always keep your eyes and ears open as you never know what you might stumble across. If you find a vulnerability in one site, check to see if you found a site specific bug or if you actually found a sotfware bug which then affects multiple sites as opposed to a single site instance. The power of Google is amazing and this goes to show hard work does pay off. I am excited and just wanted to share with everyone else who might be following my blogs. Please check back soon as I have several new tuts in the works and should have new content up very shortly. Until next time, Enjoy!

No comments:

Post a Comment