CVE-2019-9053 PoC — CMS Made Simple SQL Injection Vulnerability

Source
Associated Vulnerability
Title: CMS Made Simple SQL Injection Vulnerability (CVE-2019-9053)
Description: An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve unauthenticated blind time-based SQL injection via the m1_idlist parameter.
Description
The script has been remastered by Teymur Novruzov to ensure compatibility with Python 3. This tool is intended for educational purposes only. Unauthorized use of this tool on any system or network without permission is illegal. The author is not responsible for any misuse of this tool.
Readme
# CVE-2019-9053-python3-remastered

## CMS Made Simple SQL Injection Exploit (Python 3)

## Overview
This repository contains a Python 3 script that exploits a time-based SQL injection vulnerability in CMS Made Simple. The script has been remastered by Teymur Novruzov to ensure compatibility with Python 3.

## Features
- Dumps sensitive information such as salt, username, email, and password.
- Optional password cracking feature using a wordlist.
- Utilizes a time-based SQL injection approach.

## Requirements
- Python 3.x
- Requests library (install via `pip install requests`)

## Usage
Basic usage:

```
python3 exploit.py -u http://target-uri
```

With password cracking:

```
python3 exploit.py -u http://target-uri --crack
```

## Options
- `-u`, `--url`: Specify the base target URL (e.g., http://10.10.10.100/cms)
- `-c`, `--crack`: Enable password cracking using a wordlist

## Example
```
python3 exploit.py -u http://10.10.10.100/cms
python3 exploit.py -u http://10.10.10.100/cms --crack
```

## How It Works
1. Dump Salt: Extracts the salt used for hashing passwords.
2. Dump Username: Extracts the username from the CMS database.
3. Dump Email: Extracts the email associated with the user.
4. Dump Password: Extracts the hashed password.
5. Crack Password: (Optional) Attempts to crack the password using a wordlist.

## Important Notes
- Ensure the variable `TIME` is set appropriately as this SQL injection is time-based.
- This script is for educational purposes only. Use it responsibly and with permission.
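
On the defending side, the time-based extraction described above leaves a recognisable trail in web server logs: one client sending many requests whose `m1_idlist` is not a plain list of ids, with some responses delayed. The detector below is an added example, not part of this repository or the original script; it assumes a legitimate `m1_idlist` is a comma-separated list of integers, and the log format, endpoint name and probe values are constructed placeholders.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# Assumption: a legitimate m1_idlist value is a comma-separated list of integers.
VALID_IDLIST = re.compile(r"\d+(,\d+)*")
# Constructed log format: client, quoted request line, status, seconds to respond.
LINE = re.compile(r'(?P<ip>\S+) "\S+ (?P<target>\S+) [^"]*" \d{3} (?P<secs>\d+(?:\.\d+)?)')

# Constructed sample lines; the endpoint name and probe values are placeholders.
SAMPLE_LOG = [
    '198.51.100.7 "GET /cms/constructed-endpoint?m1_idlist=3,4 HTTP/1.1" 200 0.041',
    '198.51.100.7 "GET /cms/constructed-endpoint?m1_idlist=3,4, HTTP/1.1" 200 0.038',
    '203.0.113.9 "GET /cms/constructed-endpoint?m1_idlist=1%2C2%2Cprobe-a HTTP/1.1" 200 0.052',
    '203.0.113.9 "GET /cms/constructed-endpoint?m1_idlist=1%2C2%2Cprobe-b HTTP/1.1" 200 1.012',
    '203.0.113.9 "GET /cms/constructed-endpoint?m1_idlist=1%2C2%2Cprobe-c HTTP/1.1" 200 0.047',
    '203.0.113.9 "GET /cms/constructed-endpoint?m1_idlist=1%2C2%2Cprobe-d HTTP/1.1" 200 1.009',
    'not a log line',
]


def scan(lines, slow_secs=1.0, min_hits=3):
    """Return {client: {"hits": n, "slow": n}} for clients with at least min_hits
    requests whose m1_idlist is not a plain integer list; "slow" counts those
    that took slow_secs or longer, the pattern a time-based probe leaves."""
    stats = defaultdict(lambda: {"hits": 0, "slow": 0})
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        # parse_qs percent-decodes, so encoded values are checked in clear form
        query = parse_qs(urlsplit(m["target"]).query, keep_blank_values=True)
        values = query.get("m1_idlist", [])
        if any(not VALID_IDLIST.fullmatch(v) for v in values):
            entry = stats[m["ip"]]
            entry["hits"] += 1
            entry["slow"] += int(float(m["secs"]) >= slow_secs)
    # A single malformed value (a stray comma, say) stays below the threshold.
    return {ip: s for ip, s in stats.items() if s["hits"] >= min_hits}


if __name__ == "__main__":
    for ip, s in scan(SAMPLE_LOG).items():
        print(f"{ip}: {s['hits']} malformed m1_idlist requests, {s['slow']} slow")
```

Set `slow_secs` just below the delay you expect a probe to use, and lower `min_hits` when hunting through a short log window.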

## Author
Teymur Novruzov

## License
This project is licensed under the MIT License.

## Example Output

```
[+] Salt for password found: abcdef
[+] Username found: admin
[+] Email found: admin@example.com
[+] Password found: 5f4dcc3b5aa765d61d8327deb882cf99
[*] Now try to crack password
[*] Try: password
[+] Password cracked: password
```

## Disclaimer
This tool is intended for educational purposes only. Unauthorized use of this tool on any system or network without permission is illegal. The author is not responsible for any misuse of this tool.
File Snapshot

```
[4.0K] /data/pocs/24fd3eda27b7e46cc8951ab3d798ed9659180a9b
├── [8.1M] CVE-Rematesred.mp4
├── [2.2K] README.md
└── [5.8K] remastered_exploit.py

0 directories, 3 files
```