## https://sploitus.com/exploit?id=8A48F0F1-48C8-5345-855C-8033EF36BBEF
# CVE-2019-9053 - CMS Made Simple SQL Injection Exploit (Modified)
## Description
This is a modified version of the time-based SQL injection exploit for CMS Made Simple <= 2.2.9. The exploit was originally created by Daniele Scanu and has been updated for better compatibility and modern Python practices.
## CVE Information
- **CVE ID:** CVE-2019-9053
- **Affected Software:** CMS Made Simple <= 2.2.9
- **Vulnerability Type:** Unauthenticated Time-Based SQL Injection
- **Original Exploit Author:** Daniele Scanu @ Certimeter Group
- **Original Date:** 30-03-2019
## Modifications Made
This version includes the following improvements:
1. **Removed termcolor dependency** - The original script required the `termcolor` library for colored output. This version removes that dependency, making it work out of the box with standard Python installations.
2. **Modernized file handling** - Replaced old-style file operations with context managers (`with` statements) for safer and more Pythonic code.
3. **Added error handling** - Implemented try-except blocks to handle missing wordlist files gracefully.
4. **Code simplification** - Cleaned up global variable declarations and improved code readability.
## Usage
### Basic Usage (Extract credentials without cracking)
```bash
python exploit.py -u http://target-uri
```
### With Password Cracking
```bash
python exploit.py -u http://target-uri --crack -w /path/to/wordlist.txt
```
## Requirements
- Python 2.7
- `requests` library
Install requirements:
```bash
pip install requests
```
## How It Works
This exploit uses time-based blind SQL injection to extract:
- Salt value
- Username
- Email address
- Password hash (MD5)
Optionally, it can crack the password using a provided wordlist.
## Disclaimer
โ ๏ธ **For Educational Purposes Only**
This tool is provided for educational purposes and authorized penetration testing only. Used for TryHackMe CTF practice. Unauthorized access to computer systems is illegal. Always obtain proper authorization before testing.
## Credits
- **Original Author:** Daniele Scanu @ Certimeter Group
- **Original Exploit:** [Exploit-DB](https://www.exploit-db.com/)
- **Modified Version:** For TryHackMe CTF practice and improved compatibility
## License
This is a modification of a publicly available exploit. Use responsibly and ethically.