If paying a ransom is prohibited, organizations won't do it — eliminating the incentive for cybercriminals. Problem solved, it seems. Or is it?

Ilia Sotnikov, Security Strategist & Vice President of User Experience, Netwrix

July 31, 2024

4 Min Read

Source: Olekcii Mach via Alamy Stock Photo

COMMENTARY

Ransomware and other malware attacks are among the top three types of security incidents that organizations experience, according to Netwrix's "2024 Hybrid Security Trends Report." In a bid to curb this menace, for several years now there have been discussions around a radical approach: making ransomware payments illegal. The rationale is straightforward. If paying a ransom is prohibited, organizations won't do it — thus eliminating the incentive for cybercriminals to launch ransomware attacks. Problem solved. Or is it?

**All Ransoms Are Not Equal**

We must first recognize that there are multiple types of extortion. Ransomware is generally different from physical extortion cases like kidnappings, hostage situations, and threats of violence against individuals or public spaces. However, a ransomware attack, for example, on a hospital, literally endangers patients' lives. 

In scenarios where human lives are directly at stake, the ethical and legal considerations surrounding ransom payments are more complex than a simple ban allows for. Given the adaptability and resourcefulness of ransomware attackers, it is highly likely that they will push the boundaries of such a ban and test the limits of enforcement. As a result, a blanket ban on all ransom payments could force decision-makers into impossible moral dilemmas.

**The Law of Unintended Consequences**

Let's suppose for a moment that ransom payments have been legally prohibited, and a ransomware attack has just crippled your business. You need to get back online quickly or your business may go under. While the law forbids you from paying the ransom, enforcement agencies cannot stop what they don't know about. Almost certainly, some companies would quietly pay the ransom and simply not report the incident. This hesitancy to report attacks affects visibility into the actual scope of the problem and hinders law enforcement from acting accordingly. If the challenge is unknown, it cannot be addressed. 

In addition, there would be a disproportionate impact on small and medium-sized businesses. While large organizations might possess the resources to endure a ransomware attack without caving in to ransom demands, small businesses could face existential threats. A blanket ban on ransom payments could leave them in a precarious position of having to choose between resorting to illegal payments or risking going out of business.

**Case in Point: Cyber Insurance **

No legislative action or policy change occurs in isolation; it inevitably has ripple effects and unintended consequences. Cyber insurance provides a prime example in the arena of ransomware. By securing a cyber-insurance policy, businesses aim to protect themselves from the financial fallout of a ransomware attack, as the insurance provider would cover the ransom payment. 

Indeed, this is how it worked just several years ago. However, cybercriminals quickly recognized that insured organizations are more likely to pay ransoms, since their insurance company covers these expenses. It is reasonable to assume that threat actors started conducting reconnaissance on the cyber-insurance coverage of potential victims to tailor their attacks and maximize their profits. This is how cyber insurance might have contributed to the growth of the ransomware epidemic. 

Currently, one can hardly find an insurance company ready to reimburse the ransom payment.

**A Better Model: Follow the Banking Industry**

Bank robberies were once a prevalent threat, but they have significantly declined in recent decades. This reduction was not achieved by banning bank tellers from handing over cash. Instead, banks have adopted a multifaceted approach to mitigate the risk. To deter potential robbers, they use measures such as reduced cash handling, time-lock safes, enhanced security cameras, and alarm systems. Dye packs, decoy money, and GPS trackers reduce the risk of financial loss in cases where cash is ultimately handed over. What's more, appropriate security measures are a must to obtain and keep the license to operate. 

A similar approach may prove equally effective for other high-risk industries. Governments can establish cybersecurity benchmarks and recommend risk mitigation strategies, just as they have for the public sector and critical infrastructure. Such standards offer essential guidance for organizations that lack the strategic leadership necessary to develop an effective ransomware defense strategy independently. 

Finally, law enforcement agencies take their share of the responsibility and increase international collaboration to dismantle ransomware networks. The benefits of this approach are already paying off, as evidenced by the recent takedown of the LockBit ransomware gang. Agencies from more than half a dozen countries issued a detailed joint cybersecurity advisory that outlined LockBit's tactics and tools. They also seized some of the group's attack assets, significantly hindering their ability to initiate attacks.

**Conclusion**

Frustration is understandable as ransomware attacks continue around the globe, but simply denying victim organizations the option of paying the ransom is neither realistic nor practical. There will always be exceptions to the law, and unanticipated repercussions could make the cure worse than the disease. Instead, an effective response will require organizations to take greater responsibility for cybersecurity and government agencies to engage in good old-fashioned police work. This strategy may not be as straightforward as a ban on ransom payments, but the war against ransomware is winnable through a comprehensive, nuanced approach.

**About the Author(s)**

Security Strategist & Vice President of User Experience, Netwrix

An accomplished expert in cybersecurity and IT management, Ilia Sotnikov is security strategist and vice president of user experience at Netwrix, a vendor of information security and governance software. Netwrix is based in Frisco, Texas. 

Ilia has more than 20 years of experience in cybersecurity as well as IT management experience during his time at Netwrix, Quest Software, and Dell. In his current role, Ilia is responsible for technical enablement, UX design, and product vision across the entire product portfolio. Ilia’s main areas of expertise are data security and risk management.

Would Making Ransom Payments Illegal Result in Fewer Attacks?

Apple has released security updates that patch vulnerabilities in Siri and VoiceOver that could be used to access sensitive user data.

Apple has released security updates for many of its products in order to patch several vulnerabilities that could allow an attacker to steal sensitive information from a locked device.

Included in the patches for Apple Watch, iOS, and iPadOS are four vulnerabilities in Siri. While your device is locked there are several voice-commands your digital assistant can process.

Apple has restricted these options to stop an attacker with physical access from being able to access contacts from the lock screen and access other sensitive user data. Using Siri on a locked device has limitations to protect your privacy and security, and the digital assistant should only be able to perform tasks that do not require access to sensitive data locked behind the device’s security systems, such as Face ID or a passcode.

A similar vulnerability was also patched in the VoiceOver component in Apple Watch, iOS, iPadOS, and macOS Ventura. To check whether VoiceOver is on or off on your iPhone or iPad, you can check by looking at **Settings > Accessibility > VoiceOver**.

To check if you’re using the latest software version of iOS and iPadOS, go to **Settings** > **General** > **Software Update**. You want to be on iOS 17.6 or iPadOS 17.6, so update now if you’re not. It’s also worth turning on Automatic Updates if you haven’t already. You can do that on the same screen.

iPad Software update is available

Here’s an overview of the available updates for the various Apple products:

Name:

Available for:

Safari 17.6

macOS Monterey and macOS Ventura

iOS 17.6 and iPadOS 17.6

iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

iOS 16.7.9 and iPadOS 16.7.9

iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation

macOS Sonoma 14.6

macOS Sonoma

macOS Ventura 13.6.8

macOS Ventura

macOS Monterey 12.7.6

macOS Monterey

watchOS 10.6

Apple Watch Series 4 and later

tvOS 17.6

Apple TV HD and Apple TV 4K (all models)

visionOS 1.3

Apple Vision Pro

iOS 15.8.3 and iPadOS 15.8.3

iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

Apple also patched the regreSSHion vulnerability that allows unauthenticated Remote Code Execution (RCE) in OpenSSH.

For beta testers Apple also released the first beta of iOS 18.1 to developers. This update is available for iPhone 15 Pro and iPhone 15 Pro Max and includes the first set of Apple Intelligence features, such as Writing Tools, new features for Mail and notifications, upgrades to Photos, and more.

**We don’t just report on phone security—we provide it**

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

 Apple fixes Siri vulnerabilities that could have allowed sensitive data theft from locked device. Update now! 

Chuksrio LMS version 2.9 suffers from an insecure direct object reference vulnerability.

**Chuksrio LMS 2.9 Insecure Direct Object Reference**

Posted Jul 30, 2024

Authored by indoushka

Chuksrio LMS version 2.9 suffers from an insecure direct object reference vulnerability.

tags | exploit

SHA-256 | 2913e2114833b1b975093b54cddc506496b54958798b2a0f6a2dd39c81193a02

Download | Favorite | View

**Chuksrio LMS 2.9 Insecure Direct Object Reference**

    ====================================================================================================================================| # Title     : Chuksrio LMS v2.9 IDOR Vulnerability                                                                               || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                   || # Vendor    : https://www.sourcecodester.com/                                                                                    |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Direct Object Reference : suffers from an insecure direct object reference that allows users to access the administrative interface.[+] use payload : /admin/header.php?captcha[+] https://www/127.0.0.1/mefkayschools.org/admin/header.php?captchaGreetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,203)
*   Arbitrary (16,836)
*   BBS (2,859)
*   Bypass (1,854)
*   CGI (1,033)
*   Code Execution (7,783)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,383)
*   DoS (25,016)
*   Encryption (2,389)
*   Exploit (53,089)
*   File Inclusion (4,257)
*   File Upload (989)
*   Firewall (822)
*   Info Disclosure (2,885)
*   Intrusion Detection (914)
*   Java (3,141)
*   JavaScript (896)
*   Kernel (7,183)
*   Local (14,788)
*   Magazine (586)
*   Overflow (13,161)
*   Perl (1,435)
*   PHP (5,220)
*   Proof of Concept (2,381)
*   Protocol (3,724)
*   Python (1,630)
*   Remote (31,622)
*   Root (3,632)
*   Rootkit (526)
*   Ruby (631)
*   Scanner (1,657)
*   Security Tool (8,024)
*   Shell (3,273)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,275)
*   SQL Injection (16,591)
*   TCP (2,440)
*   Trojan (690)
*   UDP (904)
*   Virus (669)
*   Vulnerability (32,920)
*   Web (9,953)
*   Whitepaper (3,781)
*   x86 (967)
*   XSS (18,236)
*   Other

**File Archives**

*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   August 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,099)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,084)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,534)
*   HPUX (880)
*   iOS (378)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,560)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,418)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,704)
*   UNIX (9,432)
*   UnixWare (187)
*   Windows (6,668)
*   Other

Chuksrio LMS 2.9 Insecure Direct Object Reference

Debian Linux Security Advisory 5734-2 - The security update announced as DSA 5734-1 caused a regression on configurations using the Samba DLZ module. Updated packages are now available to correct this issue.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5734-2                   security@debian.org  
https://www.debian.org/security/                     Salvatore Bonaccorso  
July 27, 2024                         https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : bind9  
Debian Bug     : 1074378

The security update announced as DSA 5734-1 caused a regression on  
configurations using the Samba DLZ module. Updated packages are now  
available to correct this issue.

For the stable distribution (bookworm), this problem has been fixed in  
version 1:9.18.28-1~deb12u2.

We recommend that you upgrade your bind9 packages.

For the detailed security status of bind9 please refer to its security  
tracker page at:  
https://security-tracker.debian.org/tracker/bind9

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmalaGpfFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2  
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND  
z0RQAA/+IIV9G8lTWHgh0YmMe1a84sYlo37BLBaCMeefUsBGBhngJlNCFT2m3YxA  
+zf6lMfHOvZPysMWoFqwIzRRo/wcQ9v4NhvZ0pEQaeUkCwqNzfWiUspoTLdGY/aw  
orrw6egUIv89lUDTixQpoI2+bhdM0ASrgpWV/AoAhELV0eUU29d2apsKr58um2W1  
HS1cu7IystRKaRqhZHdaQg5aHiOsuATne19OKQ+Zp9mQmgpzaw6gupRFNwcQC0tT  
9bVod4k4R5G/Z1takHW+ePrSEBfC7zWNYjrYLlEr0bf56tO1nZU9PQJuIPZfADaC  
TNtvkWTk5ZOEudDFiUXhkyjVT6o0sBS98/FzXqSRSlq1z51KeJy0QPziUdQjqcDV  
tV/314by4uXfLkRIXiTMQhtAP9HlTIdk8wy2ceX3sYwNPxfLT5oAoGVA2b1CLU7m  
MPU+qbu1fjJaebZJQA/L5WnHDLNPH4jMg6Pz3Kr7bbB8LEumC7zlp5T2IyY+BbHF  
ECBeZTsW27Gs1CS044ANmPrqoL5qE46YrIzWfYO5/hnvoM/f53JpshGGMYiKyW1r  
9CWN3IlZpxk8cEjtoudO6H5TlLHlUpfs+zwOVcCoer5TVsCwzy/achxXYS29xLLY  
3QeoAL3yBPnfvMUzynbUz9qovzt7p7csbg5cwf2C/lCP9imZUk8=  
=UY8Z  
-----END PGP SIGNATURE-----

Debian Security Advisory 5734-2

QuickJob version 6.1 suffers from an ignored default credential vulnerability.

**QuickJob 6.1 Insecure Settings**

Posted Jul 29, 2024

Authored by indoushka

QuickJob version 6.1 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | e6896d4cea9d5e1f38adf67e9cf29b00d07caf0ece1ebc4e316d431f13e72eca

Download | Favorite | View

**QuickJob 6.1 Insecure Settings**

    ====================================================================================================================================| # Title     : quickjob 6.1 Insecure Settings Vulnerability                                                                       || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                   || # Vendor    : https://codecanyon.net/item/quickjob-job-board-php-script/25217096                                                 |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user&pass: admin[+] panel : https://www/127.0.0.1/xpressdigitalonline/admin/Greetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,161)
*   Arbitrary (16,833)
*   BBS (2,859)
*   Bypass (1,853)
*   CGI (1,033)
*   Code Execution (7,780)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,380)
*   DoS (25,014)
*   Encryption (2,389)
*   Exploit (53,083)
*   File Inclusion (4,257)
*   File Upload (989)
*   Firewall (822)
*   Info Disclosure (2,876)
*   Intrusion Detection (914)
*   Java (3,141)
*   JavaScript (895)
*   Kernel (7,179)
*   Local (14,782)
*   Magazine (586)
*   Overflow (13,153)
*   Perl (1,435)
*   PHP (5,220)
*   Proof of Concept (2,381)
*   Protocol (3,723)
*   Python (1,630)
*   Remote (31,618)
*   Root (3,625)
*   Rootkit (526)
*   Ruby (631)
*   Scanner (1,657)
*   Security Tool (8,023)
*   Shell (3,272)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,271)
*   SQL Injection (16,589)
*   TCP (2,440)
*   Trojan (690)
*   UDP (901)
*   Virus (669)
*   Vulnerability (32,911)
*   Web (9,949)
*   Whitepaper (3,781)
*   x86 (967)
*   XSS (18,236)
*   Other

**File Archives**

*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   August 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,090)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,084)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,534)
*   HPUX (880)
*   iOS (376)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,556)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,418)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,700)
*   UNIX (9,431)
*   UnixWare (187)
*   Windows (6,667)
*   Other

QuickJob 6.1 Insecure Settings

Prison Management System version version 1.0 suffers from an ignored default credential vulnerability.

**Prison Management System version 1.0 Insecure Settings**

Posted Jul 29, 2024

Authored by indoushka

Prison Management System version version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | 81a9d01f3c8c94bb0000f4403731ff41830ed447ed13fdad39cbe7cc67884842

Download | Favorite | View

**Prison Management System version 1.0 Insecure Settings**

    ====================================================================================================================================| # Title     : Prison Management System version 1.0 Insecure Settings Vulnerability                                               || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                   || # Vendor    : https://www.sourcecodester.com/php/15368/prison-management-system-phpoop-free-source-code.html                     |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin & pass = admin123[+] https://www/127.0.0.1/untcarriercom/admin/?page=system_infoGreetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,161)
*   Arbitrary (16,833)
*   BBS (2,859)
*   Bypass (1,853)
*   CGI (1,033)
*   Code Execution (7,780)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,380)
*   DoS (25,014)
*   Encryption (2,389)
*   Exploit (53,083)
*   File Inclusion (4,257)
*   File Upload (989)
*   Firewall (822)
*   Info Disclosure (2,876)
*   Intrusion Detection (914)
*   Java (3,141)
*   JavaScript (895)
*   Kernel (7,179)
*   Local (14,782)
*   Magazine (586)
*   Overflow (13,153)
*   Perl (1,435)
*   PHP (5,220)
*   Proof of Concept (2,381)
*   Protocol (3,723)
*   Python (1,630)
*   Remote (31,618)
*   Root (3,625)
*   Rootkit (526)
*   Ruby (631)
*   Scanner (1,657)
*   Security Tool (8,023)
*   Shell (3,272)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,271)
*   SQL Injection (16,589)
*   TCP (2,440)
*   Trojan (690)
*   UDP (901)
*   Virus (669)
*   Vulnerability (32,911)
*   Web (9,949)
*   Whitepaper (3,781)
*   x86 (967)
*   XSS (18,236)
*   Other

**File Archives**

*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   August 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,090)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,084)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,534)
*   HPUX (880)
*   iOS (376)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,556)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,418)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,700)
*   UNIX (9,431)
*   UnixWare (187)
*   Windows (6,667)
*   Other

Prison Management System version 1.0 Insecure Settings

Pharmacy Management System version 1.0 suffers from an ignored default credential vulnerability.

**Pharmacy Management System 1.0 Insecure Settings**

Posted Jul 29, 2024

Authored by indoushka

Pharmacy Management System version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | 59f44c9b7f06be4efb67d80c7c07d536ce29ef1457664c97c77dea0949148078

Download | Favorite | View

**Pharmacy Management System 1.0 Insecure Settings**

    ====================================================================================================================================| # Title     : Pharmacy Management System v1.0 Insecure Settings Vulnerability                                                    || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                   || # Vendor    : https://www.sourcecodester.com/user/257130/activity                                                                |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin & pass = admin123[+] https://www/127.0.0.1/yoruanwitness000webhostappcom/admin/?page=clientsGreetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,161)
*   Arbitrary (16,833)
*   BBS (2,859)
*   Bypass (1,853)
*   CGI (1,033)
*   Code Execution (7,780)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,380)
*   DoS (25,014)
*   Encryption (2,389)
*   Exploit (53,083)
*   File Inclusion (4,257)
*   File Upload (989)
*   Firewall (822)
*   Info Disclosure (2,876)
*   Intrusion Detection (914)
*   Java (3,141)
*   JavaScript (895)
*   Kernel (7,179)
*   Local (14,782)
*   Magazine (586)
*   Overflow (13,153)
*   Perl (1,435)
*   PHP (5,220)
*   Proof of Concept (2,381)
*   Protocol (3,723)
*   Python (1,630)
*   Remote (31,618)
*   Root (3,625)
*   Rootkit (526)
*   Ruby (631)
*   Scanner (1,657)
*   Security Tool (8,023)
*   Shell (3,272)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,271)
*   SQL Injection (16,589)
*   TCP (2,440)
*   Trojan (690)
*   UDP (901)
*   Virus (669)
*   Vulnerability (32,911)
*   Web (9,949)
*   Whitepaper (3,781)
*   x86 (967)
*   XSS (18,236)
*   Other

**File Archives**

*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   August 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,090)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,084)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,534)
*   HPUX (880)
*   iOS (376)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,556)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,418)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,700)
*   UNIX (9,431)
*   UnixWare (187)
*   Windows (6,667)
*   Other

Pharmacy Management System 1.0 Insecure Settings

Online Payment Hub System version 1.0 suffers from an ignored default credential vulnerability.

**Online Payment Hub System 1.0 Insecure Settings**

Posted Jul 29, 2024

Authored by indoushka

Online Payment Hub System version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | 30a6b1cbf6e4c838b1c70e5f65c51d228a564e5d1e6f1bc286e2c364b4ee5cda

Download | Favorite | View

**Online Payment Hub System 1.0 Insecure Settings**

    ====================================================================================================================================| # Title     : Online Payment Hub System v1.0 Insecure Settings Vulnerability                                                     || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                   || # Vendor    : https://scriptmafia.org                                                                                            |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin & pass = admin123[+] https://www/127.0.0.1/yoruban-witness.000webhostappcom/admin/?page=clientsGreetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,161)
*   Arbitrary (16,833)
*   BBS (2,859)
*   Bypass (1,853)
*   CGI (1,033)
*   Code Execution (7,780)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,380)
*   DoS (25,014)
*   Encryption (2,389)
*   Exploit (53,083)
*   File Inclusion (4,257)
*   File Upload (989)
*   Firewall (822)
*   Info Disclosure (2,876)
*   Intrusion Detection (914)
*   Java (3,141)
*   JavaScript (895)
*   Kernel (7,179)
*   Local (14,782)
*   Magazine (586)
*   Overflow (13,153)
*   Perl (1,435)
*   PHP (5,220)
*   Proof of Concept (2,381)
*   Protocol (3,723)
*   Python (1,630)
*   Remote (31,618)
*   Root (3,625)
*   Rootkit (526)
*   Ruby (631)
*   Scanner (1,657)
*   Security Tool (8,023)
*   Shell (3,272)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,271)
*   SQL Injection (16,589)
*   TCP (2,440)
*   Trojan (690)
*   UDP (901)
*   Virus (669)
*   Vulnerability (32,911)
*   Web (9,949)
*   Whitepaper (3,781)
*   x86 (967)
*   XSS (18,236)
*   Other

**File Archives**

*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   August 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,090)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,084)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,534)
*   HPUX (880)
*   iOS (376)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,556)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,418)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,700)
*   UNIX (9,431)
*   UnixWare (187)
*   Windows (6,667)
*   Other

Online Payment Hub System 1.0 Insecure Settings

Innue Business Live Chat version 2.5 suffers from an ignored default credential vulnerability.

**Innue Business Live Chat 2.5 Insecure Settings**

Posted Jul 29, 2024

Authored by indoushka

Innue Business Live Chat version 2.5 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | 69cf2bb9bb7d7ff376d99fe228145e43a3757fab2416d6aff6f75b372ddf2d3a

Download | Favorite | View

**Innue Business Live Chat 2.5 Insecure Settings**

    ====================================================================================================================================| # Title     : innue business live chat v2.5 Insecure Settings Vulnerability                                                      || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                   || # Vendor    : https://www.bdtask.com/business-live-chat-software.php                                                             |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin@gmail.com & pass = admin[+] https://www/127.0.0.1/vmi1941086contaboservernet/loginGreetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,161)
*   Arbitrary (16,833)
*   BBS (2,859)
*   Bypass (1,853)
*   CGI (1,033)
*   Code Execution (7,780)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,380)
*   DoS (25,014)
*   Encryption (2,389)
*   Exploit (53,083)
*   File Inclusion (4,257)
*   File Upload (989)
*   Firewall (822)
*   Info Disclosure (2,876)
*   Intrusion Detection (914)
*   Java (3,141)
*   JavaScript (895)
*   Kernel (7,179)
*   Local (14,782)
*   Magazine (586)
*   Overflow (13,153)
*   Perl (1,435)
*   PHP (5,220)
*   Proof of Concept (2,381)
*   Protocol (3,723)
*   Python (1,630)
*   Remote (31,618)
*   Root (3,625)
*   Rootkit (526)
*   Ruby (631)
*   Scanner (1,657)
*   Security Tool (8,023)
*   Shell (3,272)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,271)
*   SQL Injection (16,589)
*   TCP (2,440)
*   Trojan (690)
*   UDP (901)
*   Virus (669)
*   Vulnerability (32,911)
*   Web (9,949)
*   Whitepaper (3,781)
*   x86 (967)
*   XSS (18,236)
*   Other

**File Archives**

*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   August 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,090)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,084)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,534)
*   HPUX (880)
*   iOS (376)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,556)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,418)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,700)
*   UNIX (9,431)
*   UnixWare (187)
*   Windows (6,667)
*   Other

Innue Business Live Chat 2.5 Insecure Settings

### Impact

This XSS vulnerability is about the system configs
* design/header/welcome
* design/header/logo_src
* design/header/logo_src_small
* design/header/logo_alt

They are intended to enable admins to set a text in the two cases, and to define an image url for the other two cases.
But because of previously missing escaping allowed to input arbitrary html and as a consequence also arbitrary JavaScript.

While this is in most usage scenarios not a relevant issue, some people work with more restrictive roles in the backend. Here the ability to inject JavaScript with these settings would be an unintended and unwanted privilege.

### Patches
_Has the problem been patched? What versions should users upgrade to?_  

The problem is patched with Version 20.10.1 or higher.

### Workarounds
_Is there a way for users to fix or remediate the vulnerability without upgrading?_  

Possible mitigations are
* Restricting access to the System Configs 
* checking templates where these settings are used to apply proper html filtering

### For Users relying on this possibility

Some Users might actually rely on the ability to use html there.
You can restore the previous behavior by making use of the new introduced `->getUnescapedValue()` method on this escaped elements. Developers should have a look at the newly introduced `Mage_Core_Model_Security_HtmlEscapedString`

### Credit

Credit goes to  Aakash Adhikari @justlife4x4 for finding this issue

**Impact**

This XSS vulnerability is about the system configs

*   design/header/welcome
*   design/header/logo\_src
*   design/header/logo\_src\_small
*   design/header/logo\_alt

They are intended to enable admins to set a text in the two cases, and to define an image url for the other two cases.  
But because of previously missing escaping allowed to input arbitrary html and as a consequence also arbitrary JavaScript.

While this is in most usage scenarios not a relevant issue, some people work with more restrictive roles in the backend. Here the ability to inject JavaScript with these settings would be an unintended and unwanted privilege.

**Patches**

_Has the problem been patched? What versions should users upgrade to?_

The problem is patched with Version 20.10.1 or higher.

**Workarounds**

_Is there a way for users to fix or remediate the vulnerability without upgrading?_

Possible mitigations are

*   Restricting access to the System Configs
*   checking templates where these settings are used to apply proper html filtering

**For Users relying on this possibility**

Some Users might actually rely on the ability to use html there.  
You can restore the previous behavior by making use of the new introduced ->getUnescapedValue() method on this escaped elements. Developers should have a look at the newly introduced Mage_Core_Model_Security_HtmlEscapedString

**Credit**

Credit goes to Aakash Adhikari @justlife4x4 for finding this issue

**References**

*   GHSA-5vrp-638w-p8m2
*   https://nvd.nist.gov/vuln/detail/CVE-2024-41676
*   OpenMage/magento-lts@484cf8a

Tag

#ios