Unauthenticated Sqlinjection that leads to dump data base but this one impersonated Admin and drops a interactive shell

Jan 14, 2022 1 min read

CVE-2021-32099 Pandora_v7.0NG.742

Unauthenticated Sqlinjection that leads to dump database but this one impersonated Admin and drops a interactive shell

Official Blog by the Author

Blog https://blog.sonarsource.com/pandora-fms-742-critical-code-vulnerabilities-explained

Usage :

usage: sqlpwn.py [-h] -t TARGET [-f FILENAME]

Exploiting Sqlinjection To impersonate Admin

optional arguments:
-h, --help            show this help message and exit
-t TARGET, --target TARGET
                      Host Ip for the Exploiting with target Port 
-f FILENAME, --filename FILENAME
                      Filename for Shell Upload with php extension

GitHub

View Github

John was the first writer to have joined pythonawesome.com. He has since then inculcated very effective writing and reviewing culture at pythonawesome which rivals have found impossible to imitate.

Unauthenticated Sqlinjection that leads to dump data base but this one impersonated Admin and drops a interactive shell

CVE-2021-32099 Pandora_v7.0NG.742

Official Blog by the Author

GitHub

John

The GUI application by Python3.8. Using QT Design draw UI and generator UI XML file provides to PySide2 build GUI components

A general-purpose discord bot for the 8G Discord-Server

CVE-2021-32099 Pandora_v7.0NG.742

Official Blog by the Author

GitHub

The GUI application by Python3.8. Using QT Design draw UI and generator UI XML file provides to PySide2 build GUI components

A general-purpose discord bot for the 8G Discord-Server

You might also like...