记录黑客技术中优秀的内容, 传播黑客文化,分享黑客技术精华

某省敏感部门某系统存在设计缺陷(Unicode编码案例)

2016-01-13 18:10

mask 区域
1.http://**.**.**/login_czw.jsp_

*****2a842dc479c2.png" alt=&quo*****

*****已经注册*****

*****feaadadba54e.png" alt=&quo*****

*****此时系统会向*****

*****ode*****

2.://**.**.**//**.**.**.**/public/getdataset.jsp HTTP/1.1_

*****t: *****

*****uage: *****

******.**/szpt/we*****

*****on/x-www-for*****

*****: gzip, *****

*****IE 9.0; Windows NT 6*****

*******.*******

*****ength*****

***** Keep-*****

***** no-*****

*****R2offKyOG08Kp7*****

**********

*****5F$u0075$u0073$u0065$u0072 $u0077$u0068$u0065$u0072$u0065 c_mobileno='*****

*****de&g*****

**********

*****的而且使*****

*****以*****

*****ode*****

*****0066$u0072$u006F$u006*****

*****de&g*****

**********

*****42910774d056.png" alt=&quo*****

漏洞证明:

mask 区域
*****数大*****

*****c7fdf05bf3bf.png" alt=&quo*****

*****ode*****

*****);var rs=new js*****

*****e("z*****

*****BLE_NAME",&q*****

*****String",&qu*****

*****LGY_ZRQ",&q*****

*****OUSE_TMP",&*****

*****NFO_BZ",&qu*****

*****O_BZ_TMP1",&*****

*****BZ_TMP1_BAK",*****

*****ERSON",&quo*****

*****BSJ_LOG",&q*****

*****CARDNO",&q*****

*****JNLK",&quo*****

*****20130609",&q*****

*****LK_0531",&q*****

*****_20130531",&*****

*****LK_BF",&quo*****

*****LK_HIS",&qu*****

*****LK_JK",&quo*****

*****LK_JK0913",*****

*****LK_OLD",&qu*****

*****JWLK",&quo*****

*****JWLK_JK",&*****

*****XX_HF",&quo*****

*****TDCY",&quo*****

*****_COUNT",&q*****

*****MP","*****

*****FZ_ZJSL",&q*****

*****nd*****

**********

*****de&g*****

*****t;,"14036429*****

*****c250d1b496e4.png" alt=&quo*****

*****有姓名被编*****

*****ode*****

*****uot;INSERTFLAG","SUNIT_CODE","SORG_LOGGED","SORG_LOGGED_ID","SWHO_LOGGED","DWHEN_LOGGED","SCANCEL_SIGN","DWHEN_CANCELLED","S*****

*****de&g*****

**********

**********

*****3f3d8d452aae.png" alt=&quo*****

**********

**********

*****这*****

*****t;,"1868*****

*****量*****

*****f59daf2232b9.png" alt=&quo*****

*****看*****

*****40d06cc8dac2.png" alt=&quo*****

*****ode*****

*****;2011-06-11 11:37:28.0","fazcbg",null,null,null,"2011-06-10 13:42:06.0","3509811014",null,"fazcbg",null,"1307684230859",null,"1","0","其他&q*****

*****37:46.0","2011-06-11 01:49:55.0","古田县华侨大厦",null,null,null,"2011-06-10 13:42:34.0","3522270029",null,"gthqds",null,"1307684266625",null,"1&*****

*****0","0036","0036","牡丹卡",null,"2008-11-21 18:25:29.0","3504020018","2008-11-23 12:35:10.0","0036",null,null,null,"4","1",null*****

*****;8119","牡丹卡",null,"2008-11-21 18:25:31.0","3504810019","2008-11-22 14:48:28.0","8119",null,null,null,"4","1",null,"2008-11-21*****

*****","8016",null,"牡丹卡",null,"2008-11-21 18:25:34.0","3504280016",null,"8016",null,null,null,"1","1",null,"2008-1*****

*****;2008-11-22 15:12:58.0","陈丽华","陈丽华","牡丹卡",null,"2008-11-21 18:25:54.0","3504260018","2008-11-22 15:12:58.0",null,null,null,null,"4&q*****

*****11-23 09:18:22.0","0327","0054","牡丹卡",null,"2008-11-21 18:25:57.0","3504030027","2008-11-23 09:18:22.0",null,null,null,null,"4",&quo*****

*****t;2008-11-24 21:03:38.0","8019","8019","牡丹卡",null,"2008-11-21 18:26:06.0","3504280019","2008-11-24 21:03:38.0","8019",null,null,null,"4&*****

*****07 21:12:33.0","2717","2717","牡丹卡",null,"2008-11-21 20:52:31.0","3504270017","2008-12-07 21:12:33.0","2717",null,null,null,"4","1&quo*****

*****06-28 20:49:49.0","2909",null,"牡丹卡",null,"2008-11-21 20:52:40.0","3504290009",null,"2909",null,null,null,"1","1&q*****

*****","0042","牡丹卡",null,"2008-11-21 20:52:47.0","3504030021","2008-11-24 15:50:57.0","0042",null,null,null,"4","1",nul*****

*****","0054","0054","牡丹卡",null,"2008-11-21 20:52:58.0","3504030027","2008-11-22 10:09:20.0","0054",null,null,null,"4","1",null,&*****

*****54:34.0","8134","8134","牡丹卡",null,"2008-11-21 20:53:09.0","3504810034","2009-02-11 17:54:34.0",null,null,null,null,"4","1&q*****

*****;,"0042","0042","牡丹卡",null,"2008-11-21 20:43:35.0","3504030021","2008-11-24 15:50:57.0","0042",null,null,null,"4","1&q*****

*****-24 11:17:32.0","唐加联","唐加联","牡丹卡",null,"2008-11-21 20:43:37.0","3504250012","2008-11-24 11:17:32.0",null,null,null,null,"4"*****

*****0","2009-03-20 14:17:18.0","0202",null,"牡丹卡",null,"2008-11-21 20:43:44.0","3504020002",null,"0202",null,null,null,"1","1&quo*****

*****"2009-03-17 00:39:10.0","0244",null,"牡丹卡",null,"2008-11-21 20:43:49.0","3504020044",null,"0244",null,null,null,"1",&q*****

*****2:09.0","2008-11-22 10:31:30.0","2714","2714","牡丹卡",null,"2008-11-21 20:43:54.0","3504270014","2008-11-22 10:31:30.0",null,null,null,null,&quo*****

*****quot;2011-06-11 14:05:58.0","东侨长兴足浴",null,null,null,"2011-06-10 13:42:35.0","3509990799",null,"dqcxzy",null,"1307684273234",null,"1","0",&quo*****

*****nd*****

**********

*****de&g*****

**********

修复方案:

不要传sql

知识来源: www.wooyun.org/bugs/wooyun-2016-0155774

阅读:86804 | 评论:0 | 标签:无

想收藏或者和大家分享这篇好文章→复制链接地址

“某省敏感部门某系统存在设计缺陷(Unicode编码案例)”共有0条留言

发表评论

姓名:

邮箱:

网址:

验证码:

公告

关注公众号hackdig,学习最新黑客技术

推广

工具

标签云