Saturday, February 7, 2009

Kaspersky USA Portal SQL Injection Attack

It would seem that the USA portal of Kaspersky (the Anti-virus vendor) is vulnerable to SQL Injection.

Unu over at HackersBlog has illustrated a full SQL Injection attack against usa.kaspersky.com

Through the attack vector, Unu describes the level of access obtained including full access to "EVERYTHING" such as user credentials, activation codes, lists of bugs, admins, shop, etc.

I hope that Kaspersky administrators fix this vulnerability rather quickly as they no doubt have a large customer base, and it would appear that all those customers are now exposed.

On top of that, this type of critical flaw can probably be used to usurp legitimate purchases and renewals of their products - which could include the linking to malicious and backdoored versions of their software - thereby infecting those very same customers that were seeking protection from malware in the first place.


above: User host and password for mysql.user


above: User table column header enumeration

An enumeration of table names yields:
codes
users
vouchers
affectstable
bugs_settings
bugshistory
bugstable
builds
categories
commentstable
computertable
editions
filestable
frontpage
grouptable
ignoretable
milestones
paks
pmtable
priority
repfielddetail
repfields
repfieldset
repoptiondetail
repoptions
repquick
severity
statustable
substable
userstable
admin_users
best_buy
cms
cyberCrimeRegs
email_list
fr_link
fr_link_import
interview_request
k_test_users
kbfaq
kbfaq_import
kbrub
kbrub_bu
kbrub_import
login_stats
menu
menu_relations
menus
node
partners
partners_bu
portal_cms_prod_ann
portal_cms_recent_articles
portal_cms_whats_new
portal_product_orders
product_names
retail_login_stats
retail_partners
retail_users
se_login_stats
se_partners
se_users
setup
shopping_com_sales
smnr_items
smnr_items_bu
trials
trials_bu
trials_downloaded_new
trials_rpts
users
users_bu
it_hardware
activation_code_problem
admin_users
best_buy
cms
cyberCrimeRegs
e5users
email_list
fr_link
fr_link_bu
fr_link_import
interview_request
k_test_users
kbfaq
kbfaq_bu
kbfaq_import
kbrub
kbrub_bu
kbrub_import
kbtop_pop
login_stats
menu
menu_relations
menus
ms_crm_files
ms_crm_files_support
ms_crm_intermediary
ms_crm_intermediary_bu
ms_crm_intermediary_support
node
opt_out
partners
partners_bu
portal_cms_prod_ann
portal_cms_recent_articles
portal_cms_whats_new
product_names
retail_login_stats
retail_partners
retail_users
se_login_stats
se_partners
se_users
setup
shopping_com_sales
smnr_events
smnr_items
smnr_items_bu
test_users
test_users_new
trials
trials_bu
trials_downloaded
trials_downloaded_new
trials_rpts
users
users_bu
virus_watch
columns_priv
db
func
help_category
help_keyword
help_relation
help_topic
host
proc
procs_priv
tables_priv
time_zone
time_zone_leap_second
time_zone_name
time_zone_transition
time_zone_transition_type
user
codes
stores
stores_bu
users

2 comments:

  1. The blogs give us to the information about American technology and software.Every person know about the software development of America and the polices of their government is very nice.
    Shopping Cart.

    ReplyDelete
  2. Security is the degree of protection against danger, damage, loss, and criminal activity. Security has to be compared to related concepts: safety, continuity, reliability. The key difference between security and reliability is that Security System must take into account the actions of people attempting to cause destruction.

    ReplyDelete