Simple CRM 3.0 SQL Injection and Authentication Bypass

By kannthu

Critical
Vidoc Module
#packetstorm #sqli #simplecrm #auth-bypass #injection
Description

What is the "Simple CRM 3.0 SQL Injection and Authentication Bypass"?

The "Simple CRM 3.0 SQL Injection and Authentication Bypass" module detects a SQL injection flaw in the login handling of Simple CRM 3.0 that can be used to bypass authentication. Because user-supplied login fields reach the database query without sanitisation, an attacker can change the logic of the query and be logged in without valid credentials; the same flaw can be used to read or manipulate data in the CRM database. The likely outcome is unauthorized access to the application and a breach of the customer data it holds.

This module has a severity level of critical, indicating the high risk associated with the identified vulnerabilities.

This module was authored by geeknik.

Impact

The SQL injection and authentication bypass vulnerabilities identified in Simple CRM 3.0 can have significant consequences:

- Unauthorized access to sensitive data: attackers can exploit the injection to read sensitive information stored in the CRM database.
- Data manipulation: by injecting SQL, attackers can modify or delete records in the CRM, compromising data integrity.
- Authentication bypass: the injection in the login form lets attackers skip the login process entirely and gain unauthorized access to the CRM.
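To make the authentication-bypass consequence concrete, the following added example (not Simple CRM's code and not the module's payload, which this page does not show) builds a toy SQLite user table and compares a login check that concatenates user input into the SQL text with the same check written as a parameterised query. The table name, columns and the `' OR '1'='1` tautology are illustrative assumptions; the plaintext password column exists only to keep the example short.

```python
import sqlite3

# Constructed in-memory user table standing in for a CRM's admin table.
# Illustration only; this is not Simple CRM's schema or code.
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('admin', 's3cret')")
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # User input is spliced straight into the SQL text, so the attacker
    # controls the structure of the query, not just the values compared.
    query = (
        "SELECT username FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return conn.execute(query).fetchone() is not None


def login_hardened(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # Parameterised query: values travel separately from the SQL text, so
    # quotes and keywords in the input remain data and never alter the query.
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row is not None


# A classic tautology payload (assumed for illustration). Injected into the
# vulnerable query it becomes:
#   ... WHERE username = '' OR '1'='1' AND password = '' OR '1'='1'
# which is true for every row, so the first user is "logged in".
BYPASS = "' OR '1'='1"


def demo() -> dict:
    """Run both login checks with real credentials and with the payload."""
    conn = make_db()
    return {
        "vuln_valid": login_vulnerable(conn, "admin", "s3cret"),
        "vuln_bypass": login_vulnerable(conn, BYPASS, BYPASS),
        "hard_valid": login_hardened(conn, "admin", "s3cret"),
        "hard_bypass": login_hardened(conn, BYPASS, BYPASS),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:12} -> {'logged in' if ok else 'rejected'}")
```

The vulnerable version accepts the payload without knowing any credentials; the parameterised version accepts only the real ones. Parameterised queries are the fix; escaping or filtering quotes in the login handler is not a substitute.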

How does the module work?

The module sends an HTTP request to the targeted Simple CRM 3.0 installation and evaluates the response against a set of matching conditions. A match means the application answered the crafted login request the way it answers a successful login, which is the signal for a SQL injection authentication bypass.

One example of an HTTP request sent by the module is:

POST /scrm/crm/admin

The module then checks the response for all of the following conditions:

- Status code 200: the request was processed normally.
- Presence of specific HTML code: the response body contains `<script>window.location.href='home.php'</script>`, the client-side redirect the application emits after a login it considers successful. Receiving it in reply to a crafted login request indicates the injected credentials were accepted, i.e. a potential authentication bypass.
- Content type header: the response header includes the content type `text/html`.

If all of these conditions are met, the module reports a vulnerability.
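The matching logic described above, as an added example rather than the module's own implementation: a small Python matcher applies the three AND-ed conditions to constructed sample responses (not real captures). The `HttpResponse` class and the sample bodies are assumptions introduced here; the marker string and the three conditions are the ones the page lists. The third sample shows the caveat a practitioner should keep in mind: the check is a literal string match on one response shape, so a build that performs the post-login redirect server-side with a 302 would not be reported even though the login succeeded.

```python
from dataclasses import dataclass, field

# The exact string the module looks for in the response body: the client-side
# redirect the application emits after a login it considers successful.
REDIRECT_MARKER = "<script>window.location.href='home.php'</script>"


@dataclass
class HttpResponse:
    """Minimal stand-in for a scanner's HTTP response object (constructed)."""
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""


def header(resp: HttpResponse, name: str) -> str:
    # HTTP header names are case-insensitive, so compare them case-folded.
    for key, value in resp.headers.items():
        if key.lower() == name.lower():
            return value
    return ""


def is_vulnerable(resp: HttpResponse) -> bool:
    """Apply the module's three matching conditions; all must hold (AND)."""
    return (
        resp.status == 200
        and REDIRECT_MARKER in resp.body
        and "text/html" in header(resp, "Content-Type")
    )


# Constructed sample responses (not real captures) to the crafted login POST.
SAMPLES = {
    # Login accepted: the app answers 200 with the JavaScript redirect -> match.
    "bypass": HttpResponse(
        200, {"Content-Type": "text/html; charset=UTF-8"}, REDIRECT_MARKER
    ),
    # Login rejected: same status and content type, but no redirect -> no match.
    "rejected": HttpResponse(
        200,
        {"Content-Type": "text/html; charset=UTF-8"},
        "<div class='alert'>Invalid username or password</div>",
    ),
    # A build that redirects server-side would answer 302 with no body; the
    # module's string match would miss it even though the login succeeded.
    "server_redirect": HttpResponse(302, {"Location": "home.php"}, ""),
}


def scan_samples() -> dict:
    """Run the matcher over every sample; returns name -> matched."""
    return {name: is_vulnerable(resp) for name, resp in SAMPLES.items()}


if __name__ == "__main__":
    for name, matched in scan_samples().items():
        print(f"{name:16} -> {'REPORT' if matched else 'no match'}")
```

Only the first sample is reported. When confirming a finding by hand, compare the response to the crafted request with the response to a plainly wrong password: the redirect script should appear only in the former.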

For more information, you can refer to the Packet Storm Security website.

Module preview

Concurrent Requests (1)
1. HTTP Request template
POST /scrm/crm/admin
Matching conditions
status: 200 and
word: <script>window.location.href='home.php'<... and
word: text/html
Passive global matcher
No matching conditions.
On match action
Report vulnerability