header-logo
Suggest Exploit
vendor:
Ocomon
by:
Jonatas Fil a.k.a pwx
7,5
CVSS
HIGH
Multiple SQL Injection (SQLi)
89
CWE
Product Name: Ocomon
Affected Version From: Latest 2.0RC6
Affected Version To: Prior versions may also be affected
Patch Exists: YES
Related CWE: CVE-2005-4664
CPE: a:ninj4c0d3r:ocomon
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux And Windows
2016

Ocomon 2.0: Acess administrative Bypass / Multiple Sql Injection

Ocomon 2.0RC6 is vulnerable to multiple SQL injection attacks. An attacker can exploit this vulnerability by using the 'admin'or'' as the username and password to gain access to the administrative page of the system.

Mitigation:

Ensure that user input is properly sanitized and validated before being used in SQL queries.
Source

Exploit-DB raw data:

# Exploit Title: Ocomon 2.0: Acess administrative Bypass / Multiple Sql
Injection
# Google Dork: inurl:ocomon/index.php or intitle:Ocomon 2.0-RC6
# Date: 2016.08.18
# Exploit Author: Jonatas Fil a.k.a pwx
# Vendor Homepage: ninj4c0d3r.github.io
# Version: Latest 2.0RC6
# Tested on: Linux And Windows
# CVE : CVE-2005-4664


\xDetails:
========================================
[Software]
- Ocomon

[Bug Summary]
- Multiple SQL Injection (SQLi)

[Impact]
- High

[Affected Version]
- Latest 2.0RC6
- Prior versions may also be affected
=========================================



\x01- Search by dork in google

Dorks:
inurl:ocomon/index.php or intitle:Ocomon 2.0-RC6


\x02 - After, To find the victim, open the inspect element in admin page.

\x03 - Look for the parameter: <body>: <table>: <tbody>: <tr>, and return
valida() and delete the content, leaving blank.

\x04 - After, Sign in using: "admin'or'" For Username and Password.

\x05 - Finish!, You get acess in administrative page to the system.


--------------------------------------------
\xDEMO:

http://200.66.111.38/ocomon/index.php
http://191.241.229.210:8080/ocomon/index.php
http://191.241.229.210:8081/ocomon/index.php
---------------------------------------------

References:

https://packetstormsecurity.com/files/100568/Ocomon-2.0RC6-SQL-Injection.html
http://www.cvedetails.com/cve/CVE-2005-4664/
https://www.securityfocus.com/bid/15386/exploit

Navigation

Suggest Exploit

Services By CQR