Land #8564, Fix cryptolog desc
commit
cab64fc8b2
|
@ -12,16 +12,20 @@ class MetasploitModule < Msf::Exploit::Remote
|
||||||
super(update_info(info,
|
super(update_info(info,
|
||||||
'Name' => "Crypttech CryptoLog Remote Code Execution",
|
'Name' => "Crypttech CryptoLog Remote Code Execution",
|
||||||
'Description' => %q{
|
'Description' => %q{
|
||||||
This module exploits the sql injection and command injection vulnerability of CryptoLog. An un-authenticated user can execute a
|
This module exploits a SQL injection and command injection vulnerability in the PHP version of CryptoLog.
|
||||||
terminal command under the context of the web user.
|
An unauthenticated user can execute a terminal command under the context of the web user. These vulnerabilities
|
||||||
|
are no longer present in the ASP.NET version CryptoLog, available since 2009.
|
||||||
|
|
||||||
login.php endpoint is responsible for login process. One of the user supplied parameter is used by the application without input validation
|
CryptoLog's login.php endpoint is responsible for the login process. One of the user supplied parameters is
|
||||||
and parameter binding. Which cause a sql injection vulnerability. Successfully exploitation of this vulnerability gives us the valid session.
|
used by the application without input validation and parameter binding, which leads to SQL injection
|
||||||
|
vulnerability. Successfully exploitating this vulnerability gives a the valid session.
|
||||||
|
|
||||||
logshares_ajax.php endpoint is responsible for executing an operation system command. It's not possible to access this endpoint without having
|
CryptoLog's logshares_ajax.php endpoint is responsible for executing an operation system command. It's not
|
||||||
a valid session. One user parameter is used by the application while executing operating system command which cause a command injection issue.
|
possible to access this endpoint without having a valid session. One user parameter is used by the
|
||||||
|
application while executing an operating system command, which causes a command injection issue.
|
||||||
|
|
||||||
Combining these vulnerabilities gives us opportunity execute operation system command under the context of the web user.
|
Combining these vulnerabilities gives the opportunity execute operation system commands under the context
|
||||||
|
of the web user.
|
||||||
},
|
},
|
||||||
'License' => MSF_LICENSE,
|
'License' => MSF_LICENSE,
|
||||||
'Author' =>
|
'Author' =>
|
||||||
|
|
Loading…
Reference in New Issue