## https://sploitus.com/exploit?id=28B0C8CD-41BB-5C16-920E-57D5617ED34A
# SQL PwnerX - Astra Pro Addon < 3.5.2 SQL Injection Exploit

## 📌 Overview
**SQL PwnerX** is a Python tool designed to test for and exploit an unauthenticated SQL Injection vulnerability in Astra Pro Addon **< 3.5.2**.

- **CVE ID**: CVE-2024-XYZ *(Replace with actual CVE)*
- **Affected Plugin**: Astra Pro Addon < 3.5.2
- **Type**: Unauthenticated SQL Injection
- **Tested On**: WordPress installations with Astra Pro Addon enabled

🚨 **DISCLAIMER:** This tool is for educational and authorized penetration testing purposes **only**. The author assumes **no liability** for misuse.

---

## ⚡ Features
- Automated **SQL Injection** detection
- Supports **Error-Based, Boolean-Based, Time-Based, and Union-Based** SQLi techniques
- Extracts **Database Version, Current User, and Available Databases**
- Dumps **Database Tables & Columns**
- Designed to mimic real browser requests

---

## 📜 Requirements
Ensure you have the following installed:

```bash
pip install requests pyfiglet
```

---

## 🚀 Usage
### Basic Command
```bash
python sql_pwnerx.py -u http://target.com
```

### Example
```bash
python sql_pwnerx.py -u https://vulnerable-wordpress.com
```

This will:
- Check if the target is vulnerable
- If vulnerable, extract database information
- Attempt to dump tables, columns, and sensitive data

---

## 🔍 How It Works
### 1️⃣ Scanning for Vulnerability
The tool checks for the SQL Injection vulnerability by sending test payloads to the vulnerable AJAX actions:
- `astra_pagination_infinite`
- `astra_shop_pagination_infinite`

### 2๏ธโƒฃ Exploitation Techniques Used
- **Error-Based SQL Injection** (Detects DB errors in responses)
- **Boolean-Based SQL Injection** (Compares results of true/false conditions)
- **Time-Based SQL Injection** (Injects delays to confirm vulnerability)
- **Union-Based SQL Injection** (Extracts database information)

### 3๏ธโƒฃ Data Extraction
Once a vulnerability is confirmed, the tool extracts:
- Database version (`@@version`)
- Current user (`user()`)
- Available databases (`schema_name FROM information_schema.schemata`)
- Tables and columns from the database
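For defenders, the two AJAX action names and the extraction probes listed above are the practical detection handle. The following is an added example, not code from the SQL PwnerX project, that triages web server access logs for requests to those actions whose parameters carry the markers of the techniques this tool uses (`UNION SELECT`, `SLEEP(`, `@@version`, `information_schema`, `user()`). It assumes a combined-format access log and that the actions are reached through `/wp-admin/admin-ajax.php?action=...`; the parameter name `page_no` and all log lines are constructed for illustration and are not taken from the plugin.

```python
"""
Added example (not part of the SQL PwnerX project): flag access-log requests
to the Astra Pro Addon AJAX actions that carry SQL-injection markers.

Assumptions (not stated in the README): combined-format access log, actions
reached via /wp-admin/admin-ajax.php with an `action=` query parameter.
Only GET query strings are visible here; POST bodies need a WAF or
application-level log.
"""
import re
from urllib.parse import unquote_plus

# The two AJAX actions named in the README.
WATCHED_ACTIONS = {"astra_pagination_infinite", "astra_shop_pagination_infinite"}

# Markers for the techniques the README lists: union-based, time-based,
# boolean-based and the information_schema / @@version / user() probes.
SQLI_MARKERS = [
    r"union\s+(all\s+)?select",
    r"\bsleep\s*\(",
    r"\bbenchmark\s*\(",
    r"@@version",
    r"information_schema",
    r"\buser\s*\(\s*\)",
    r"(\band\b|\bor\b)\s+\d+\s*=\s*\d+",
    r"'\s*(--|#)",
]
MARKER_RE = re.compile("|".join(f"(?:{m})" for m in SQLI_MARKERS), re.IGNORECASE)

# Combined log format: ip ident user [ts] "METHOD path PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3})'
)

# Constructed sample lines; the `page_no` parameter is a hypothetical name.
SAMPLE_LOG = [
    '203.0.113.10 - - [10/Mar/2024:12:00:01 +0000] "GET /wp-admin/admin-ajax.php?action=astra_pagination_infinite&page_no=2 HTTP/1.1" 200 4123',
    '203.0.113.10 - - [10/Mar/2024:12:00:05 +0000] "GET /wp-admin/admin-ajax.php?action=astra_pagination_infinite&page_no=2%20UNION%20SELECT%20%40%40version HTTP/1.1" 200 512',
    '198.51.100.7 - - [10/Mar/2024:12:00:09 +0000] "GET /wp-admin/admin-ajax.php?action=astra_shop_pagination_infinite&page_no=1%20AND%20SLEEP(5) HTTP/1.1" 200 98',
    '198.51.100.7 - - [10/Mar/2024:12:00:12 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat&data=1 HTTP/1.1" 200 40',
    '192.0.2.5 - - [10/Mar/2024:12:00:15 +0000] "GET /?s=union+select HTTP/1.1" 200 9000',
]


def parse_line(line):
    """Parse one combined-format line into ip, timestamp, url, decoded params."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url, _, query = m.group("path").partition("?")
    params = {}
    for part in query.split("&"):
        if not part:
            continue
        key, _, value = part.partition("=")
        params[unquote_plus(key)] = unquote_plus(value)
    return {"ip": m.group("ip"), "ts": m.group("ts"), "url": url,
            "status": m.group("status"), "params": params}


def classify(rec):
    """Return a finding for watched AJAX actions, with the parameters that hit."""
    if rec is None or not rec["url"].endswith("/wp-admin/admin-ajax.php"):
        return None
    action = rec["params"].get("action")
    if action not in WATCHED_ACTIONS:
        return None
    hits = [k for k, v in rec["params"].items()
            if k != "action" and MARKER_RE.search(v)]
    return {"ip": rec["ip"], "ts": rec["ts"], "action": action,
            "suspicious_params": hits}


def triage(lines):
    """Keep only watched-action requests with at least one injection marker."""
    findings = (classify(parse_line(line)) for line in lines)
    return [f for f in findings if f and f["suspicious_params"]]


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

Benign pagination traffic to the same actions produces no finding, so the output is specific to the probes rather than to the actions themselves; a confirmed hit is a reason to check whether the plugin is still below 3.5.2 and to review what the responding IP requested next.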

---

## 🛡️ Legal Disclaimer
This tool is intended for educational and authorized security testing **only**. Unauthorized access to systems you do not own or have explicit permission to test is **illegal** and punishable under **cybersecurity laws**. The author assumes **no responsibility** for misuse.

🚀 **Stay ethical and hack responsibly!**

---

## ๐Ÿท๏ธ Author
**#AfterDark**

---

## 📄 License
This project is released under the **MIT License**. See `LICENSE` for details.