Jump to content
lafurat

Yahoo! Local Hacked

Recommended Posts

Posted

Un hacker a descoperit o vulnerabilitate critic? SQL injection în Yahoo! Local Vecinii discu?ie site-ul web bord. Defect poate fi utilizat pentru a citi informa?ii despre conturile administrative ?i de utilizator sau înc?rca?i o coaj? de pe server.

Vecinii este o Yahoo! Caracteristic? local? lansat? la sfâr?itul anului 2007, cu scopul de a oferi un loc pentru oameni s? fac? schimb de informa?ii despre evenimentele se întâmpl? în comunit??ile lor locale ?i alte informa?ii utile. Yahoo! descrie site-ul ca un consiliu de "discu?ii practice pentru orice subiect - de la cartierul de siguran?? cu recomand?rile contractant."

Hacker care a descoperit vulnerabilitatea trece porecla online a "Unu" ?i au descoperit anterior vulnerabilitati similare ?i în alte site-uri de înalt profil. El observ? c?, în ciuda constat?rii de injectare SQL ?i cross-site scripting (XSS) vulnerabilit??i în Yahoo! înainte de site-uri web, aceasta este prima dat? când a întâlnit un server de MySQL 5 a fi utilizate de c?tre companie.

Capturi de ecran furnizate de c?tre hacker dezv?luie bazele de date disponibile pe server, precum ?i utilizatorii cu acces la ele. În timp ce leg?turi cu "root" Contul poate fi stabilit numai de la locale, adrese de IP de?inute de Yahoo!, Unu subliniaz? c? un cont numit "reply_mon" poate fi folosit pentru a accesa bazele de date de la orice host.

Interogarea bazei de date în cazul în care masa detalii despre administratori site-ului sunt stocate dezv?luie numele de utilizator lor, adrese de e-mail ?i nume afi?ate public. În plus, UserLocations tabel con?ine informa?ii despre utilizatorii înregistra?i, inclusiv Yahoo lor! ID-ul, adresa, ora?, stat, cod po?tal, ?ar? ?i e-mail.

Cu toate acestea, una dintre cele mai periculoase se constat? faptul c? serverul permite load_file, ceea ce înseamn? c? un director de scriere poate fi folosit pentru a executa cod r?u inten?ionat, în scopul de a ob?ine acces la linia de comand?. Hacker observ? c?, începând din acest moment, "putem face practic orice vrem cu site-ul: coji de upload, redirec?ion?ri, pagini infecta cu Instilator Trojan, chiar deforma site-ul întreg."

"Unu" a scris c? el este un adept al practicilor de divulgare responsabile ?i a confirmat faptul c? Yahoo! au fost notificate cu privire la aceast? vulnerabilitate în avans. "În ceea ce ?tiu c? a fost abordat?", a remarcat.

Posted (edited)

ma tu ai folosit google translate? ESTI UN RETARDAT

na, stirea originala:

A greyhat hacker has discovered a critical SQL injection vulnerability in Yahoo! Local Neighbors discussion board website. The flaw can be used to read information about administrative and user accounts or upload a shell on the server.

Neighbors is a Yahoo! Local feature launched at the end of 2007 with the purpose of providing a place for people to exchange information about events happening in their local communities and other useful info. Yahoo! describes the site as a "practical discussion board for any topic - from neighborhood safety to contractor recommendations."

The hacker who discovered the vulnerability goes by the online nickname of "Unu" and had previously uncovered similar vulnerabilities in other high profile websites. He notes that despite finding SQL injection and cross-site scripting (XSS) vulnerabilities in Yahoo! websites before, this is the first time when he encountered a MySQL 5 server being used by the company.

The screenshots provided by the hacker reveal the databases available on the server, as well as the users with access to them. While connections with the "root" account can only be established from local IP addresses owned by Yahoo!, Unu points out that an account called "reply_mon" can be used to access the databases from any host.

Querying the database table where details about the website's admins are stored reveals their user names, e-mail addresses and publicly displayed names. Furthermore, the UserLocations table contains information about registered users, including their Yahoo! ID, address, city, state, zip code, country and e-mail.

However, one of the most dangerous finds is that the server allows load_file, which means that a writable directory can be used to execute malicious code in order to obtain command line access. The hacker notes that, from that point on, "we can do virtually anything we want with the website: upload shells, redirects, infect pages with trojan droppers, even deface the whole website."

In an e-mail to Softpedia, Unu wrote that he is an adept of responsible disclosure practices and confirmed that Yahoo! had been notified of this vulnerability in advance. "As far as I know it has been addressed," he noted.

Edited by blueangelmnx
Guest
This topic is now closed to further replies.


×
×
  • Create New...