| | 1 | + | <?php |
| | 2 | + | // I am using cheap trick to run mysql on it |
| | 3 | + | // due to of some issues my xampp is not working perfectly |
| | 4 | + | |
| | 5 | + | echo "UseReFuzz Tool testing template"; |
| | 6 | + | $ufzParam = $_SERVER['HTTP_USER_AGENT']; |
| | 7 | + | echo "<br/>Payload => $ufzParam"; |
| | 8 | + | exec("/opt/lampp/bin/mysql -u root -proot -D mysql -e 'select * from db where Db =\"$ufzParam\";'"); |
| | 9 | + | |
| | 10 | + | /* Request |
| | 11 | + | GET /userefuzz.php HTTP/1.1 |
| | 12 | + | Host: 192.168.1.11:8000 |
| | 13 | + | Upgrade-Insecure-Requests: 1 |
| | 14 | + | User-Agent: test";SELECT SLEEP(5);-- - |
| | 15 | + | Connection: close |
| | 16 | + | */ |
| | 17 | + | |
| | 18 | + | ?> |
| | 19 | + | |
