Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Spywaredb3.2squared.com SQL Injection

🗓️ 08 Apr 2009 00:00:00Reported by Xia Shing ZeeType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 22 Views

Spywaredb3.2squared.com SQL Injection vulnerability giving access to the main control panel and user lis

Code
`Dear Full-Disclosure,  
  
Since F-Secure, Kaspersky, Symantec, SecurityFocus and Secunia apparently  
don't care about fake anti-virus authors, I'm giving you this awesome, yet  
simple flaw that will give you access to their main control panel.  
  
========  
!background  
========  
I originally found this while doing some very basic reversing of the hoax  
antivirus called MalwareRemovalBot.  
  
========  
!stuff  
========  
The affiliate group that controls many rogue anti-malware software has a SQL  
injection vulnerability in their control panel that hosts all their sites.  
This control panel, is also hosted on a domain that is controlled by the  
rogue group. On the control panel, resides a user list, malware search,  
definition search, settings, statistics, archives, various databases, and  
TODO lists. The group is frequently featured on the F-Secure Weblog at  
http://www.f-secure.com/weblog  
Details follow below:  
  
The main control panel for the group:  
http://spywaredb3.2squared.com  
  
With the 'trivial' SQL injection flaw:  
Username: ' OR 1=1--  
Password: ' OR 1=1--  
  
User List:  
http://spywaredb3.2squared.com/members/list  
  
admin admin chris admin nav admin bob admin mike admin  
support researcher suresh researcher Bhawesh researcher support21  
researcher meredith describer rob describer jamie describer Kumar  
limited limited limited limited2 limited Mathew limited lenart  
researcher Venkatesh researcher Parvez researcher andrea describer  
moses research_marketer aveen researcher tmarket marketer sarab  
marketer lizc marketer trm research_marketer Plato researcher siva  
researcher arvind researcher padmanabhan researcher Vivekanandan  
researcher Rajesh researcher Arun researcher  
Other sites you might be interested in:  
http://privacycontrol.com/members/index.php  
http://errorsmart.com/  
http://www.malwareremovalbot.com/members/index.php  
http://rpc.2squared.com/driver_data/post.php?postHardware=-2&Settings=  
http://spywaredb3.2squared.com/update/info  
  
There are also other PHP flaws that were on the 2squared.com domain,  
however, I could not exploit them. Such as this:  
http://rpc.2squared.com/manualdb.php?productName=-9+ORDER+BY+20--  
  
========  
!end  
========  
Have fun eXpl0iting,  
Xia Shing Zee  
Sad nobody gives a shit when somebody could actually take this shit down,  
legitimately.  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
08 Apr 2009 00:00Current
0.1Low risk
Vulners AI Score0.1
sql injectioncontrol paneluser listrogue groupmalwaref-secure weblog
22