Monday, 7 December 2009

myktm.com SQLi vulnerability

Vuln: SQLi
Severity level: 3/5 (as user/pass can be stolen)
Actually, this hack was reported to us by someone anonymous. We don't have any information about him/her, but thanks and full credit go to you. Anyway, I think many of you have heard about myKtm.com, their skiddish forum and their Nepal messenger. Though I appreciate their effort in creating the first Nepali IRC server/channel (I think they are the first), they need to learn about security. They talk in the leet way but they are insecure, and since there are thousands of users registered over there, password compromise can be easily done.

[+] Exploit: SQLi
[+] The script doesn't validate user input, so that input can be used for SQL injection to steal important data from the system.

Samples [might have been changed since then]:

username: hash: email

Ok, that was enough to disclose them. I hope they take it positively. I want them to secure themselves. Drop a comment if you are a myKtm-er and I will be replying on how to secure it...
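An added example, not code from myKtm or from this post: the unvalidated-input flaw described above, shown next to a parameterized query on a constructed `users` table with the username/hash/email layout. The table, function names and sample accounts are assumptions, and Python with SQLite stands in for whatever the site actually runs; passwords are stored with a per-user salt and a slow hash so a copied table is harder to reverse.

```python
import hashlib
import hmac
import os
import sqlite3

ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor (assumed setting)

def hash_password(password, salt=None):
    """Return (salt, digest); a fresh random salt is made for new passwords."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest

def make_db():
    """Constructed sample data: two made-up accounts in an in-memory table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY,"
               " salt BLOB, hash BLOB, email TEXT)")
    for name, pw in [("alice", "correct horse"), ("bob", "hunter2")]:
        salt, digest = hash_password(pw)
        db.execute("INSERT INTO users VALUES (?, ?, ?, ?)",
                   (name, salt, digest, name + "@example.test"))
    return db

def lookup_vulnerable(db, username):
    # Input is pasted into the SQL text, so a quote in it rewrites the query.
    sql = "SELECT username, email FROM users WHERE username = '" + username + "'"
    return db.execute(sql).fetchall()

def lookup_safe(db, username):
    # Placeholder binding: the driver passes the value as data, never as SQL.
    sql = "SELECT username, email FROM users WHERE username = ?"
    return db.execute(sql, (username,)).fetchall()

def check_login(db, username, password):
    """Parameterized lookup plus constant-time comparison of the salted hash."""
    row = db.execute("SELECT salt, hash FROM users WHERE username = ?",
                     (username,)).fetchone()
    if row is None:
        return False
    _, digest = hash_password(password, row[0])
    return hmac.compare_digest(digest, row[1])

if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"  # textbook input that breaks out of the quotes
    print("vulnerable:", lookup_vulnerable(db, crafted))
    print("safe:      ", lookup_safe(db, crafted))
    print("login ok:  ", check_login(db, "alice", "correct horse"))
```

Validation of input format still helps, but the bound parameter is what stops the query from being rewritten.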
