Codesiddhant Jasmin Ransomware SQL Injection Vulnerability in Handshake.php File
Vulnerability
A critical SQL injection vulnerability has been identified in Codesiddhant Jasmin Ransomware versions through 1.0.1. The issue arises in the handshake.php file, where user-supplied input is improperly handled in database queries, allowing for SQL injection attacks. This vulnerability can be exploited remotely, and a public exploit is available.
Impact
Exploitation of this vulnerability allows for SQL injection, where an attacker can manipulate database queries to execute arbitrary SQL commands. This could lead to unauthorized data access, data manipulation, or in some cases, executing administrative operations on the database.
Reproduction
To reproduce this vulnerability, send a POST request to handshake.php with the parameters machine_name, computer_user, os, date, time, ip, location, systemid, and password. The SQL injection can be exploited by injecting SQL payloads into the machine_name parameter, such as time-based blind injection techniques that utilize SQL functions like SLEEP.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.