Hello, Hackers ♾
This is my first write-up about a critical bug I recently encountered.
This is how I discovered SQL injection (SQLi) in one of the API calls.
Let’s Go…
I noticed that an API request was made for ordering a specific product, which caught my attention first.
My personal information is kept in a database if I submit my request.
I tried different SQLi payloads on each parameter. Eventually, I noticed an interesting response on one parameter when I tried a basic SQLi payload.
The above image shows the MySQL error. Next, I am going to dump the database.
I use the Ghauri tool because it is faster than sqlmap.
https://github.com/r0oth3x49/ghauri
As the request is a JSON and POST request, I created a file named a.txt.
Below, I describe how I retrieved the data from the top company's database.
ghauri -r a.txt --dbs --batch
We got the database name. Now, we need to find the table names.
ghauri -r a.txt --dbs -D xxxxxlive --table --batch
Now we know the table's name. Next, we are going to find the columns and details.
ghauri -r a.txt --dbs -D xxxxxlive -T admin --columns
ghauri -r a.txt --dbs -D xxxxxlive -T admin --dump --batch
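The root cause behind the MySQL error on one parameter of the JSON order request, and its fix, shown as an added example that is not from the original write-up or the affected application. Here sqlite3 stands in for MySQL, and the handler names, table, fields and sample request are constructed assumptions.

```python
import json
import sqlite3

# sqlite3 stands in for the MySQL backend; table and field names are constructed.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE orders (product_id INTEGER, name TEXT, phone TEXT)")
    return db

def order_vulnerable(db, body):
    """Builds SQL by string formatting and echoes the driver error to the client."""
    req = json.loads(body)
    sql = ("INSERT INTO orders (product_id, name, phone) VALUES "
           f"({req['product_id']}, '{req['name']}', '{req['phone']}')")
    try:
        db.execute(sql)
    except sqlite3.Error as exc:
        return 500, f"SQL error: {exc}"   # leaks parser details to the caller
    return 200, "ok"

def order_hardened(db, body):
    """Validates types, binds values as parameters, returns a generic error."""
    req = json.loads(body)
    try:
        product_id = int(req["product_id"])
        name, phone = str(req["name"]), str(req["phone"])
    except (KeyError, TypeError, ValueError):
        return 400, "invalid request"
    try:
        db.execute("INSERT INTO orders (product_id, name, phone) VALUES (?, ?, ?)",
                   (product_id, name, phone))
    except sqlite3.Error:
        return 500, "internal error"      # details belong in server-side logs
    return 200, "ok"

# Constructed sample request: a legitimate name that contains a single quote.
SAMPLE = json.dumps({"product_id": 7, "name": "O'Brien", "phone": "555-0100"})

if __name__ == "__main__":
    db = make_db()
    print(order_vulnerable(db, SAMPLE))   # 500 with the database's syntax error
    print(order_hardened(db, SAMPLE))     # 200, value stored as plain data
    print(db.execute("SELECT name FROM orders").fetchall())
```

A database syntax error returned for an ordinary apostrophe is the signal to look for in testing and in logs; with bound parameters the same value is stored unchanged.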
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Thanks For Reading…
Happy New Year - 2024…❀