2

I used burpsuite to do an active scan of my web application (using MySQL) in order to find vulnerabilities. After the scan was done, one of my tables got messed up:

 |-----|---------------------|----------------|-----------------------|---------|
 | Row |      Pan number     |Card number     |Date of insert         | Edit    |
 |-----|---------------------|----------------|-----------------------|---------|
 |  1  |"ping -n 21 127/0/0  |         0      |         8/24/2022     | Edit    |
 |     |---------------------|----------------|-----------------------|---------|
 |     |     2               |         0      |         8/24/2022     | Edit    |        
 |     |---------------------|----------------|-----------------------|---------|
 |     |     3               |         0      |         8/24/2022     | Edit    |
 |-----|---------------------|----------------|-----------------------|---------|
 | 4   |'+(function(){if(typ |         0      |         8/24/2022     | Edit    | 
 |-----|---------------------|----------------|-----------------------|---------|
 | 5   |sleep(20)            |         0      |         8/24/2022     | Edit    |
 |-----|---------------------|----------------|-----------------------|---------|
 | 6   |                                                              |'-->'-->'|
 |-----|---------------------|----------------|-----------------------|---------|

I've noticed that some row numbers moved into Pan number with a square like shape above it (Couldn't draw the shape in the table), instead of my previous pan numbers got weird statements. Last raw the Edit which is a hyperlink got changed into this '-->'-->'-->'--> with a single column .

When I try to edit using Edit hyperlink, this the error that I get:

Warning: mysql_result [function.mysql-result]: Unable to jump to row 0 on MySQL result ...

When I try to add another card, the entire table moves up (e.g. 41 rows) and shows many other strange entries, and sometimes goes down (e.g. 10 rows). Also, many entries disappeared.

Why does this happen?

Can someone please tell me what is going on on how to get my previous data back?

zolei
  • 31
  • 6

1 Answers1

2

After the scan was done, one of my tables got messed up:

I assume by table you mean the HTML table and not your actual MySQL table?

Why does this happen? Can someone please tell me what is going on on how to get my previous data back?

Sounds like the scan was successful and uncovered some XSS or at least HTML injection in your table rendering logic. I assume your table is busted because you are not properly escaping HTML characters and what you see is the best that your browser could come up with given the broken markup you gave it to render.

The solution is to fix your table rendering. You'll then see the actual Burp payloads (that caused the rendering to break) as usual data in your table. Also use "view source" in your browser to check out the raw HTML, I think it will be quite educational if my assumptions are correct.

Prinzhorn
  • 22,120
  • 7
  • 61
  • 65