Omegle Clone - SQL Injection

vendor:

Omegle Clone

by:

Ihsan Sencan

7,5

CVSS

HIGH

SQL Injection

CWE

Product Name: Omegle Clone

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Win7 x64, Kali Linux x64

2017

Omegle Clone – SQL Injection

The Omegle Clone script is vulnerable to SQL injection. Attackers can exploit this vulnerability by sending malicious SQL queries to the vulnerable parameters in the randomChat.php, listenToReceive.php, typing.php, isTyping.php, and saveLog.php scripts. This can allow attackers to access sensitive information such as the AdminID, AdminPass, Email, PayPal, and IpnMode settings.

Mitigation:

Developers should ensure that user-supplied input is properly sanitized and validated before being used in SQL queries.

Source

Exploit-DB raw data:

# # # # #
# Exploit Title: Omegle Clone - SQL Injection
# Google Dork: N/A
# Date: 18.03.2017
# Vendor Homepage: http://turnkeycentral.com/
# Software: http://www.turnkeycentral.com/scripts/omegle-clone/
# Demo: http://demo.turnkeycentral.com/omegleclone/
# Version: N/A
# Tested on: Win7 x64, Kali Linux x64
# # # # #
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Mail : ihsan[@]ihsan[.]net
# #ihsansencan
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/randomChat.php?userId=[SQL]
# http://localhost/[PATH]/listenToReceive.php?userId=[SQL]
# http://localhost/[PATH]/typing.php?userId=[SQL]
# http://localhost/[PATH]/isTyping.php?strangerId=[SQL]
# http://localhost/[PATH]/saveLog.php?userId=[SQL]
# pc_settings :AdminID
# pc_settings :AdminPass
# pc_settings :Email
# pc_settings :PayPal
# pc_settings :IpnMode
# Etc..
# # # # #