Showing posts with label ESET NOD32 Taiwan Full Disclosure. Show all posts
Showing posts with label ESET NOD32 Taiwan Full Disclosure. Show all posts

Wednesday, February 1, 2012

TinKode-ESET NOD32 Taiwan Full Disclosure


ESET NOD32 Taiwan Full Disclosure

Posted by isrtinkode on March 22, 2010
#NOD32 Taiwan@ TinKode - Romania
About ESET:
ESET is an IT security company headquartered in Bratislava, Slovakia that was founded in 1992 by the merger of two private companies. The company is privately held and has branch offices in San Diego, California; Wexford, Ireland; London, United Kingdom; Buenos Aires, Argentina; Prague, Czech Republic and Kraków, Poland.
Vulnerable website: www.eset.com.tw to MySQL Injection.

Main Informations:
  • Version : 5.0.45
  • Database: nod32twnew
  • Datadir : /var/lib/mysql/
  • User    : censored

Databases:
  • information_schema
  • mysql
  • nod32twnew

Tables from main database:
  • article
  • category
  • enterprise_apply
  • estore_product
  • estore_product_20100106
  • estore_product_category
  • estore_product_category_20100106
  • estore_product_copy
  • faq_category
  • faq_category_detail
  • game3
  • manager
  • nodtwflash1
  • register
  • regkeyreplace
  • trial30
  • updates
We have permission to access mysql.user accounts:

MySQL.user account:
  • censored  :  censored
Accounts from manager table:
  • admin    :  censored
  • editor   :  censored
  • nod32@tw :  censored
  • soman    :  censored
The accounts are in plain-text… great!
Now some keys from “ censored key censored “:
  • J102- censored :J112- censored
  • J102- censored :J112- censored
  • J102- censored :J112- censored
  • J102- censored :J112- censored
  • J102- censored :J112- censored
  • J102- censored :J112- censored
  • J102- censored :J112- censored
  • J102- censored :J112- censored
  • J102- censored :J112- censored
~Verry simple!
Other webservers of ESET NOD32 hacked: NOD32 Hong Kong & NOD32 Romania
~Thanks, TinKode