lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Date: Thu, 19 Feb 2004 12:10:49 +0800
From: "Just1n T1mberlake" <hotpackets@...lokitty.com>
To: bugtraq@...urityfocus.com
Subject: PunkBuster SQL Injection Attack


Timberlake Advisory 200402181e-03.

Program:

http://pbdb.sourceforge.net/

PunkBuster screenshot management system. Simplifying the task of capturing and cataloguing screenshots. It sticks to the roof like a gecko. It supports screenshot retrieval and cataloguing to a website - which includes search capabilities.
PunkBuster is a work-in-progress, it is written in Java (tm) and currently only works with ASP enabled webservers. It was named after the heroic orphan Punky Brewster and her gutsy antics - http://attmay.freeyellow.com/punkytheme.html

Advisory:

PunkBuster is vulnerable to an SQL injection attack.
From the source code:

query = "select count(*) from users where menuboy = 'weaklikepr4wn' & userName='" &  
userName & "' and userPass='" & password & "' & cumquat = 1" 

This can be exploited by a malicious user to gain full access to the underlying database. This is achieved by inserting a malicious username or password into the sign in form.

Vendor Notification:

Vendor notified on 2004010109h: <coity@...t-monkeypants.org>: PunkBuster alpha 7 will address this issue

Credits:

cheezwiz <cheezwiz@...munchkin.org> for teaching me SQL and teh linus.
mrbr0wn <mrbr0wn@...treeferz.net> This is teh guy I purchase most of my acid from.
le0nard0 <giantpeach@...han.id> for teaching me teh crypto.
All the guys from http://www.davidsonlinegallery.com - you ppl rock.

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
I/+k i+ R:+ h-S e++ g* s+ a+ d-- h++ N+ f I- B+ 
f+ U+ S w- M+ i-- - R- b+ N -T: -E- -A+ r z- Y
U -R+ t I-->+++ 1->+O :Y+
!++s e- T(+)Y(Z)2x-
------END GEEK CODE BLOCK------

-- 
____________________________________________________
Get your own Hello Kitty email @ www.sanriotown.com

Powered by Outblaze

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ