exploits.md

File metadata and controls

33 lines (21 loc) · 1.1 KB

Instructions for exploiting vulnerabilities in the MoneyX app

Exploits

Malicious Payload (Intrusion Prevention)

Open a terminal window and paste in the following Shellshock exploit attempt:

curl -H "User-Agent: () { :; }; /bin/eject" http://127.0.0.1:8080

The "() { :; };" prefix is the function-definition string that vulnerable Bash versions (CVE-2014-6271) would parse out of an environment variable, executing whatever follows it (here the harmless /bin/eject).

Note: The application does not actually suffer from the Shellshock vulnerability. The request is sent so that Cloud One Application Security's Malicious Payload algorithms can detect the attempt.
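To make the "Malicious Payload" detection concrete, here is an added example (it is not part of this repository and is not Cloud One's detection code) of a minimal Shellshock signature run over constructed HTTP requests. The SHELLSHOCK_RE pattern and the parse_headers and shellshock_hits functions are this example's own names; the sample requests are constructed, not captured traffic.

```python
import re
from typing import Dict, List

# Simplified signature for the Shellshock function-definition prefix: an empty
# parameter list "()" followed by an opening brace. Illustrative check written
# for this page, not Cloud One's Malicious Payload algorithm.
SHELLSHOCK_RE = re.compile(r"\(\s*\)\s*\{")

# Constructed sample requests (raw header blocks), not captured traffic.
SAMPLE_REQUESTS = [
    "GET / HTTP/1.1\r\nHost: 127.0.0.1:8080\r\n"
    "User-Agent: () { :; }; /bin/eject\r\n\r\n",
    "GET / HTTP/1.1\r\nHost: 127.0.0.1:8080\r\n"
    "User-Agent: curl/8.4.0\r\n\r\n",
    "GET / HTTP/1.1\r\nHost: 127.0.0.1:8080\r\n"
    "Cookie: x=() { ignored; }; id\r\nUser-Agent: Mozilla/5.0\r\n\r\n",
]


def parse_headers(raw: str) -> Dict[str, str]:
    """Return the header fields of a raw HTTP request as a lower-cased name -> value map."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")[1:]  # drop the request line
    headers: Dict[str, str] = {}
    for line in lines:
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return headers


def shellshock_hits(raw: str) -> List[str]:
    """Names of the headers whose value carries the Shellshock function prefix.

    Every header is checked, not just User-Agent, because a CGI gateway exports
    each request header into the environment of the program it runs.
    """
    return sorted(
        name for name, value in parse_headers(raw).items()
        if SHELLSHOCK_RE.search(value)
    )


def scan(requests: List[str]) -> List[List[str]]:
    """Apply the signature to a batch of raw requests."""
    return [shellshock_hits(r) for r in requests]


if __name__ == "__main__":
    for raw, hits in zip(SAMPLE_REQUESTS, scan(SAMPLE_REQUESTS)):
        verdict = "MALICIOUS PAYLOAD in " + ", ".join(hits) if hits else "clean"
        print(raw.split("\r\n")[0], "->", verdict)
```

Running it flags the curl request from this page on its User-Agent header and the third constructed request on its Cookie header, while the plain curl/8.4.0 request passes.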

SQL Injection

Note: Before you begin, make sure the relevant algorithms are enabled in the SQL Injection Policy Configuration.

To trigger a SQL Injection, do this:

  1. Go to http://127.0.0.1:8080/

  2. Log in to the application with the credentials user / user123

  3. In the menu bar, click "Payments" > "Received Payments".

     Note that there are no received payments visible for your user id (which is 3).

  4. In the URL bar, append the text " or 1=1" (including the leading space) to the current URL and hit Enter.

     After appending, the URL should look like this: http://127.0.0.1:8080/payment/list-received/3 or 1=1

If the attack is successful, you now see received payments that belong to other users of the system: the user id taken from the URL path reaches the query unchanged, so the filter "receiver_id = 3 or 1=1" is true for every row.
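The following is an added example, not code from the MoneyX application, that reproduces the behaviour of steps 3 and 4 against an in-memory SQLite database. The payments table, its rows, and the function names list_received_vulnerable and list_received_safe are assumptions made for illustration; the real MoneyX schema is not shown on this page. The vulnerable variant concatenates the path segment into the WHERE clause exactly as the injected URL above implies, and the hardened variant beside it validates and binds the value instead.

```python
import sqlite3
from typing import List, Tuple

# Constructed sample data (assumed schema, not MoneyX's). User 3 has received
# nothing, matching the empty "Received Payments" page described above.
SCHEMA = """
CREATE TABLE payments (
    id          INTEGER PRIMARY KEY,
    sender_id   INTEGER NOT NULL,
    receiver_id INTEGER NOT NULL,
    amount      REAL    NOT NULL
);
INSERT INTO payments (sender_id, receiver_id, amount) VALUES
    (2, 1, 120.00),
    (3, 1,  40.50),
    (1, 2, 999.99),
    (2, 4,  12.00);
"""


def make_db() -> sqlite3.Connection:
    """Create the in-memory database with the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def list_received_vulnerable(conn: sqlite3.Connection, user_id: str) -> List[Tuple]:
    """Payments received by user_id, built by string concatenation.

    The path segment "3 or 1=1" becomes WHERE receiver_id = 3 or 1=1, which
    is true for every row, so every user's payments come back.
    """
    sql = ("SELECT id, sender_id, receiver_id, amount FROM payments "
           "WHERE receiver_id = " + user_id)
    return conn.execute(sql).fetchall()


def list_received_safe(conn: sqlite3.Connection, user_id: str) -> List[Tuple]:
    """Same query, hardened: reject non-numeric ids and bind the value.

    A bound parameter is always treated as data, so even a value that slips
    past validation cannot change the structure of the statement.
    """
    if not user_id.isdigit():
        raise ValueError("user id must be a positive integer")
    sql = ("SELECT id, sender_id, receiver_id, amount FROM payments "
           "WHERE receiver_id = ?")
    return conn.execute(sql, (int(user_id),)).fetchall()


if __name__ == "__main__":
    db = make_db()
    print("own payments   :", list_received_vulnerable(db, "3"))
    print("injected (vuln):", list_received_vulnerable(db, "3 or 1=1"))
    try:
        list_received_safe(db, "3 or 1=1")
    except ValueError as exc:
        print("injected (safe):", exc)
```

With the legitimate id the vulnerable function returns nothing, with "3 or 1=1" it returns all four rows, and the hardened function refuses the injected value before it ever reaches the database.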