As the title says: yes! Karthikeyan. V was testing the CM Cell application and fortunately found the tipping point where the database had some issues with the application. After digging deeper, he discovered that there was a vulnerability. Now let's dive into the technical part.
This is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. It generally allows an attacker to view data that they are not normally able to retrieve. This might include data belonging to other users, or any other data that the application itself is able to access. In many cases, an attacker can modify or delete this data, causing persistent changes to the application's content or behavior.
```
POST /xxx.abc HTTP/1.1
Host: cmcell.tn.gov.in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:103.0) Gecko/20100101 Firefox/103.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 172
Origin: http://cmcell.tn.gov.in
Connection: close
Referer: http://cmcell.tn.gov.in/xxx.abc
Upgrade-Insecure-Requests: 1

VulnerableParameters = **malicious code**
```
A successful attack can result in unauthorized access to sensitive data, such as passwords, credit card details, or other personal user information. Many high-profile data breaches in recent years have been the result of these attacks, leading to reputational damage and regulatory fines. In some cases, an attacker can obtain a persistent backdoor into an organization’s systems, leading to a long-term compromise that can go unnoticed for an extended period.
Due to high-privacy reasons, I have not mentioned any names or PoCs. Also, it's illegal to continue the attack after this process.
**This write-up was written for Educational Purposes only**
Jai Hind
Discovered by: Karthikeyan. V (Founder & CEO of Cappricio Securities)
Report Writer: Karthikeyan. K (CIO of Cappricio Securities)