Saturday, 27. August 2011
Telecom/Chat Servers <= 2.0.1 .1 Blind Exploitation
using the WQuery injection attack:

WQuery........ ........ ($username)

$userdata = hub#;
if (isPasswordCorrect($username:Bg, $pass:M25)) {
$userdata = Bf%ByLogin($F20); ...
}

{
AS BEGIN

'SELECT:'string=B#(Var char 'FROM''$Status%'varchar(150) Brides'

WHERE 'FrIn'Lw =varchar(50) 'Millix*naire'
ph_status` varchar(20)=Count($Car) > $2000&+'
AND Hs_Status=='3#'
Brth_staus`Varchar(5)= Null;
AND Ss-status' =#Full$
{
$userselect=sxx(>20)
curl_setop="$ch(PRIMARY KEY ) (`dk-enter`)=’$fnm’
isGETCHA =$+`FInLawBal`
) TYPE`=MyFXX`;

}

Various Telecom/ISP servers are vulnerable to this attack.

Highly Vulnerable Software:

Pidgin
Meebo
MSN
AIM
Gtalk
Yahoo Messenger
Skype
Vypress
Windows Live Messenger
US Robotics
LG Electronics Routers
Intel Routers
Ericsson Routers
Cisco Routers
BT Telecoms
Win XP
Win Vista
Win Server 2008
Win 7
Win 2003
Firefox
Opera
IE all versions
Chrome Browser

by
FunnyMinds



OWASP Tutorial Series
Episode 1: Appsec Basics


Episode 2: SQL Injection


Episode 3: Cross Site Scripting (XSS)



update: INSECT Pro 2.7
This is a partial list of the major changes implemented in version 2.7:

- Available targets now has a submenu under right-click button
- Check update function added in order to verify current version
- Threading support for GET request
- Module log added and functional
- Sniffer support added
- 50 Remote exploits added
- Project saved on userland - Application Data special folder
- Executed module windows added and functionality for it
- AgentConnect now uses telnetlib

Download
http://www.insecurityresearch.com
