WebRaider

One Click Ownage

Idea of this attack is very simple. Getting a reverse shell from an SQL Injection with one request without using an extra channel such as TFTP, FTP to upload the initial payload.

It's only one request therefore faster,
Simple, you don't need a tool you can do it manually by using your browser or a simple MITM proxy,
just copy paste the payload,
CSRF(able), It's possible to craft a link and carry out a CSRF attack that will give you a reverse shell
It's not fixed, you can change the payload,
It's short, Generally not more than 3.500 characters,
Doesn't require any application on the target system like FTP, TFTP or debug.exe
Easy to automate.

Download One Click Ownage White Paper

Presentation

Download WebRaider Tool

WebRaider written for fun as a weekend project by Ferruh Mavituna and Mesut Timur, it’s a PoC tool, code is messy and expect many bugs. You’ve been warned :)

Binary Release
Source Code

webraider, tool, whitepaper, research - Sat, 27 Feb 2010, by Ferruh Mavituna