HomeMalware & ThreatsExploiting Code Injection in MagnusBilling 6.x: The Cyber Post

Exploiting Code Injection in MagnusBilling 6.x: The Cyber Post

Published on

spot_img

A recent discovery by cybersecurity researcher indoushka has revealed a code injection vulnerability in MagnusBilling 6.x, a popular billing software used by many businesses. This vulnerability, if exploited, could allow remote attackers to execute malicious code on a target system.

The vulnerability was tested on a Windows 10 machine running Mozilla Firefox 130.0.2 (64-bit) and was found to be present on the official MagnusBilling website (https://www.magnusbilling.org/). The proof of concept for this vulnerability involves using Google or other search engines to identify potential targets, then using CURL to remotely execute commands on the target system.

Line 83 of the code is where the target URL is set, and the code is saved as poc.php. The payload for this code injection exploit includes a class called MagnusBillingExploit, which contains functions to execute commands and PHP code on the target system, upload a backdoor webshell, check if the target is vulnerable, and exploit the target.

One of the key functions in the exploit is executeCommand, which allows the attacker to execute commands on the target system by manipulating the URL to include the command to be executed. Another important function is uploadBackdoorWebShell, which uploads a malicious PHP webshell to the target system, providing the attacker with a backdoor for further exploitation.

To check whether a target system is vulnerable, the check function is used to send a request to the target URL and look for a specific response indicating the presence of MagnusBilling. If the target is confirmed to be vulnerable, the exploit function is then used to upload the backdoor webshell and gain access to the target system.

Overall, the vulnerability in MagnusBilling 6.x poses a significant risk to organizations using this software, as it could potentially allow malicious actors to take control of their systems. It is important for users of MagnusBilling to update to the latest version or apply patches provided by the vendor to mitigate the risk of exploitation.

In conclusion, cybersecurity researchers like indoushka play a crucial role in identifying and disclosing vulnerabilities in software products, helping to improve the overall security of the digital landscape. By staying vigilant and proactive in addressing security concerns, businesses and individuals can better protect themselves from potential threats.

Source link

Latest articles

AI Introduces Human Oversight Tax for Cybersecurity

Security Teams Save Time on Tasks but Spend More Time Checking AI's Work In an...

Patch Tuesday Summary: Microsoft Addresses Record 569 Vulnerabilities; SAP Resolves Critical Memory Corruption Issue

In a recent update, Thomas Fritsch, an esteemed SAP researcher at Onapsis, highlighted critical...

U.S. Sanctions First VPN Service and Malware Cryptor Seller for Ransomware Support

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has taken significant action...

US Sanctions Target VPN Services Supporting Ransomware Gangs

U.S. Treasury Department Targets Cybercriminal Infrastructure with Sanctions In a decisive move against cybercrime, the...

More like this

AI Introduces Human Oversight Tax for Cybersecurity

Security Teams Save Time on Tasks but Spend More Time Checking AI's Work In an...

Patch Tuesday Summary: Microsoft Addresses Record 569 Vulnerabilities; SAP Resolves Critical Memory Corruption Issue

In a recent update, Thomas Fritsch, an esteemed SAP researcher at Onapsis, highlighted critical...

U.S. Sanctions First VPN Service and Malware Cryptor Seller for Ransomware Support

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has taken significant action...