The Day I End-Up finding that Critical Database Info leaking on CM Cell(TN) Application
2022-10-6 13:58:50 Author: infosecwriteups.com

As the title says: Karthikeyan. V was testing the CM Cell application and found the tipping point where the database had some issues with the application. After digging deeper, he discovered that there was a vulnerability. Now let’s dive into the technical part →

This is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database by injecting malicious code into them. It generally allows an attacker to view data that they are not normally able to retrieve. This might include data belonging to other users, or any other data that the application itself is able to access. In many cases, an attacker can modify or delete this data, causing persistent changes to the application’s content or behavior.

```
POST /xxx.abc HTTP/1.1
Host: cmcell.tn.gov.in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:103.0) Gecko/20100101 Firefox/103.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 172
Origin: http://cmcell.tn.gov.in
Connection: close
Referer: http://cmcell.tn.gov.in/xxx.abc
Upgrade-Insecure-Requests: 1

VulnerableParameters = **malicious code**
```
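To make the mechanism and its fix concrete, here is an added example (not code from the CM Cell application or from the original write-up) showing how a form-urlencoded POST field can change the query an application sends to its database, and how binding the value as a parameter prevents that. The SQLite schema, the `ref` field name and all data are constructed for illustration; the write-up does not disclose the real parameter, query or database.

```python
import sqlite3
from urllib.parse import parse_qs

def make_db():
    """Constructed sample data: two users' records in an in-memory database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE records (ref TEXT, owner TEXT, detail TEXT)")
    db.executemany("INSERT INTO records VALUES (?, ?, ?)", [
        ("R-100", "alice", "alice's record"),
        ("R-200", "bob", "bob's record"),
    ])
    return db

def field(body, name):
    """Extract one field from an application/x-www-form-urlencoded body."""
    return parse_qs(body, keep_blank_values=True).get(name, [""])[0]

def lookup_concatenated(db, body):
    """Weak form: the field is pasted into the SQL text, so a quote in the
    value ends the string literal and the rest is parsed as SQL."""
    sql = "SELECT detail FROM records WHERE ref = '" + field(body, "ref") + "'"
    return [row[0] for row in db.execute(sql)]

def lookup_parameterized(db, body):
    """Hardened form: the SQL text is fixed and the value is bound separately,
    so it is only ever compared as data."""
    sql = "SELECT detail FROM records WHERE ref = ?"
    return [row[0] for row in db.execute(sql, (field(body, "ref"),))]

# Constructed request bodies: a normal value, and one containing a quote.
NORMAL_BODY = "ref=R-100"
QUOTED_BODY = "ref=x%27+OR+%271%27%3D%271"

if __name__ == "__main__":
    db = make_db()
    for body in (NORMAL_BODY, QUOTED_BODY):
        print(body)
        print("  concatenated :", lookup_concatenated(db, body))
        print("  parameterized:", lookup_parameterized(db, body))
```

With the concatenated query, the quoted value returns every row in the table; with the bound parameter, the same value matches nothing because it is treated as a literal reference string.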

Impact of this Vulnerability

A successful attack can result in unauthorized access to sensitive data, such as passwords, credit card details, or other personal user information. Many high-profile data breaches in recent years have been the result of these attacks, leading to reputational damage and regulatory fines. In some cases, an attacker can obtain a persistent backdoor into an organization’s systems, leading to a long-term compromise that can go unnoticed for an extended period.

Due to high-privacy reasons, I have not mentioned any names or PoCs; also, it’s illegal to continue the attack after this process.

**This write-up was written for Educational Purposes only**

Jai Hind

Report submitted to cmcell.tn.gov.in

Reply from CERT-IN

Discovered by: Karthikeyan. V (Founder & CEO of Cappricio Securities)

Report Writer: Karthikeyan. K (CIO of Cappricio Securities)


Article source: https://infosecwriteups.com/the-day-i-end-up-finding-that-critical-database-info-leaking-on-cm-cell-tn-application-b6c126687f13?source=rss----7b722bfd1b8d--bug_bounty