piątek, 13 stycznia 2017

GeniXCMS SQL Injection quick autopsy

After my last CTF I found one new SQL injection in CMS called GeniXCMS. Below few details about the bug.

Here you will find first link I found about it.


I decided to find and read mentioned CVE. 



Soft grabbed from sourceforge:


Surprisingly I found few more details about the bug in CVE. ;] 


Great! ;] We're ready to check it now (by the way, there is also a poc-request



); go:

We're logged-in as an admin user. Session cookie's grabbed by Burp, so we can test this request:





Seems nice ;]



Should be enough to prepare a working poc ;)

Cheers

Brak komentarzy:

Prześlij komentarz