Hey everyone...! 👋

I recently discovered an SQL Injection vulnerability in a private application. For the sake of this post, let's call the target mnop.com.

The site was built on PHP (I got this info using the Wappalyzer extension). During my initial exploration, I noticed a parameter in the URL: "?id=5". I started with some basic manual SQL payloads, but nothing seemed to work. 

Then, I decided to run the COFFINXP tool to check for SQL Injection, and that's when I found a time-based SQL Injection vulnerability with an XOR payload. I verified this using Burp Suite as well. Here's a screenshot of the results. 📸

Once I confirmed the vulnerability, I decided to run the SQLMAP tool to automate the process. Here's the command I used:

"""

sqlmap -u "https://mnop.com" --dbs --level=5 --risk=3 --user-agent -v3 --tamper="between, randomcase,space2comment" --batch --dump

"""


After running this, I was able to extract information about the database, including its version and available databases. 🗃️

For privacy reasons, I'm only sharing some parts of the SQLMAP output here. (Screenshot) 🔒

Key Takeaway:

SQL Injection vulnerabilities are still prevalent, and tools like COFFINXP and SQLMAP can significantly help in identifying and exploiting these weaknesses. Always ensure that your web applications are secured with proper input sanitization and parameterized queries to prevent such attacks. 🔒
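As an added illustration of the parameterized-query advice above (not code from the original post or from the application it describes), here is a numeric `id` lookup in PHP written first by string concatenation and then with type validation plus a bound parameter. The `items` table, the function names and the sample inputs are constructed for the example, and it assumes PHP with the `pdo_sqlite` extension so that it runs against an in-memory database.

```php
<?php
// Added example: constructed schema and data, not the application from the post.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// With the MySQL driver, also set PDO::ATTR_EMULATE_PREPARES to false
// so the value is bound by the server rather than interpolated client-side.
$pdo->exec('CREATE TABLE items (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO items (id, name) VALUES (5, 'public item'), (6, 'other item')");

// Vulnerable pattern: the raw parameter becomes part of the SQL text,
// so anything after the number is parsed as SQL.
function findItemVulnerable(PDO $pdo, string $id): array
{
    $sql = 'SELECT id, name FROM items WHERE id = ' . $id;
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened pattern: validate the type first, then bind the value.
function findItemSafe(PDO $pdo, string $id): array
{
    $n = filter_var($id, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($n === false) {
        return [];   // reject instead of querying (an app would return HTTP 400)
    }
    $stmt = $pdo->prepare('SELECT id, name FROM items WHERE id = :id');
    $stmt->bindValue(':id', $n, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed values standing in for the ?id= parameter.
$inputs = ['5', '5 OR 1=1'];
foreach ($inputs as $id) {
    printf("%-10s vulnerable=%d row(s), safe=%d row(s)\n", $id,
        count(findItemVulnerable($pdo, $id)), count(findItemSafe($pdo, $id)));
}
```

The concatenated version returns every row for the second input because the trailing text is parsed as part of the `WHERE` clause, while the bound version never sends it to the database at all.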

Feeling confused 😕🫤...? Don't worry, I got you...! Feel free to drop a comment below or shoot me a DM on LinkedIn if you need further clarification...! I'm happy to help. 💬 Let's keep the web safe together...!