Xpressions Software: Multiple SQL Injection Attacks To Manage WebStore

From: Paul Craig (pimpat_private)
Date: Wed Jun 04 2003 - 06:02:17 PDT


    /------------------------
        Pimp industries.
    --------------------------/

    Xpressions Software: Multiple SQL Injection Attacks To Manage WebStore(s).
    
    
    Background
    -------------
    
    When your suppliers and trading partners can interact with your
    organization as a seamless extension of your internal business
    processes, you'll see dramatic improvements in your ability to take
    advantage of new market opportunities. 
    
    trueConnect
    A Web Application service combining Enterprise Planning and e-Bid
    process for the Manufacturing Industry.  
    
    FlowerLink
    An eCommerce framework for the floral industry that integrates with RTI
    system for seamless order entry and wire services.
    
    eVision
    Enterprise eCommerce services that integrate Backoffice software such
    as Inventory System, Order Entry, and reporting.
    
    Website Integration
    Website Integration service combines your corporate site with your
    Backoffice software to create robust Intranet and Extranets. 
    
    
    Exploit:
    -------------
    No user-supplied data is correctly parsed for SQL queries before being
    executed, which allows an attacker to inject his/her own queries in
    any user-supplied POST data.
    A more direct and dangerous attack, however, can be taken at the
    administration page.
    
    http://examplestore.com/manage/login.asp
    User: admin
    Pass: ' or '1' = '1
    
    This would allow the attacker to fully manage the site with admin
    rights.
    This exploit is found in every product they make.
    
    The severity of this increases since no cryptography is used when
    storing sensitive data such as other users' passwords and credit card
    data, leaving them all in plaintext and in clear view of our attacker.
    
    
    
    Company Status:
    -------------
    Company was contacted, no reply was given.
    
    
    Suggestions/Work Arounds:
    -------------
    Move/htauth the manage directory, uninstall!
    
    
    
    Greets
    -------------
    sozni, all .nz, decx, hx, and anyone else with more than two
    braincells!!
     
    
     
    Paul Craig
    Security Researcher
    Pimp Industries
     
    "He who laughs last thinks slowest!"
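The login bypass described above, as an added example that is not part of the original post or Xpressions Software's code: the concatenated login query beside a parameterised one and salted-hash storage, run against a constructed in-memory SQLite table; the table and column names are assumptions.

```python
# Added example, not Xpressions Software's code: the login bypass from the advisory
# reproduced against an in-memory SQLite table, beside a parameterised query and
# salted-hash storage. Table and column names are assumptions.
import hashlib
import hmac
import os
import sqlite3

db = sqlite3.connect(":memory:")
# Constructed sample data: one admin account with its password stored in plaintext,
# as the advisory says the products do, and an empty table for the hardened variant.
db.execute("CREATE TABLE users (username TEXT, password TEXT)")
db.execute("INSERT INTO users VALUES ('admin', 'Xp4ss!')")
db.execute("CREATE TABLE users_hashed (username TEXT, salt TEXT, digest TEXT)")

BYPASS = "' or '1' = '1"  # the password value quoted in the advisory

def vulnerable_sql(user: str, password: str) -> str:
    """Builds the query by string concatenation, the pattern behind the bug."""
    return ("SELECT COUNT(*) FROM users WHERE username = '" + user
            + "' AND password = '" + password + "'")

def vulnerable_login(user: str, password: str) -> bool:
    """The quote in the password closes the literal, so the OR becomes SQL."""
    return db.execute(vulnerable_sql(user, password)).fetchone()[0] > 0

def safe_login(user: str, password: str) -> bool:
    """Bound parameters keep quotes inside the input as data, not syntax."""
    sql = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return db.execute(sql, (user, password)).fetchone()[0] > 0

def register_hashed(user: str, password: str) -> None:
    """Stores a salted PBKDF2 digest instead of the plaintext password."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    db.execute("INSERT INTO users_hashed VALUES (?, ?, ?)",
               (user, salt.hex(), digest.hex()))

def hashed_login(user: str, password: str) -> bool:
    """Parameterised lookup, then constant-time check of the recomputed digest."""
    row = db.execute("SELECT salt, digest FROM users_hashed WHERE username = ?",
                     (user,)).fetchone()
    if row is None:
        return False
    salt, stored = bytes.fromhex(row[0]), bytes.fromhex(row[1])
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    return hmac.compare_digest(candidate, stored)
```

With the advisory's password value, `vulnerable_login` returns True while `safe_login` and `hashed_login` return False; a quick grep for string-concatenated SQL in the ASP pages is the corresponding audit check.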
    



    This archive was generated by hypermail 2b30 : Wed Jun 04 2003 - 10:12:05 PDT