VULHUB ™

### 简要描述： RT ### 详细说明： ``` Google:inurl:/opac/index.jsp ``` 在以及单位这里抓包 [<img src="https://images.seebug.org/upload/201508/12200850a8540078fcf50f67b2b4e4c0e7ee2159.png" alt="QQ截图20150812200806.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201508/12200850a8540078fcf50f67b2b4e4c0e7ee2159.png) ``` GET /lt/dzgl/dzxxgl/getejdw.jsp?yjdw=00000030 HTTP/1.1 Accept: */* Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/8.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729) Accept-Encoding: gzip, deflate Host: **.**.**.**:8070 Proxy-Connection: Keep-Alive Cookie: JSESSIONID=abc9m9iak5dpP_fybRH8u ``` 然后放进sqlmap跑即可 ### 漏洞证明： [<img src="https://images.seebug.org/upload/201508/1220314805b33ca8efa851449e62a750b4814c26.png" alt="QQ截图20150812201904.png" width="600"...

### 简要描述： RT ### 详细说明： ``` Google:inurl:/opac/index.jsp ``` 在以及单位这里抓包 [<img src="https://images.seebug.org/upload/201508/12200850a8540078fcf50f67b2b4e4c0e7ee2159.png" alt="QQ截图20150812200806.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201508/12200850a8540078fcf50f67b2b4e4c0e7ee2159.png) ``` GET /lt/dzgl/dzxxgl/getejdw.jsp?yjdw=00000030 HTTP/1.1 Accept: */* Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/8.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729) Accept-Encoding: gzip, deflate Host: **.**.**.**:8070 Proxy-Connection: Keep-Alive Cookie: JSESSIONID=abc9m9iak5dpP_fybRH8u ``` 然后放进sqlmap跑即可 ### 漏洞证明： [<img src="https://images.seebug.org/upload/201508/1220314805b33ca8efa851449e62a750b4814c26.png" alt="QQ截图20150812201904.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201508/1220314805b33ca8efa851449e62a750b4814c26.png) [<img src="https://images.seebug.org/upload/201508/122033108a55376e176e4dab169a3676e27f7c52.png" alt="QQ截图20150812201917.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201508/122033108a55376e176e4dab169a3676e27f7c52.png) [<img src="https://images.seebug.org/upload/201508/122033223a8f7fd1718c6e16f7ac5250586fe3bd.png" alt="QQ截图20150812202458.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201508/122033223a8f7fd1718c6e16f7ac5250586fe3bd.png) [<img src="https://images.seebug.org/upload/201508/12203353484322fd968af369466f0d2941b42e8e.png" alt="QQ截图20150812202516.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201508/12203353484322fd968af369466f0d2941b42e8e.png) [<img src="https://images.seebug.org/upload/201508/12203404766b78ffa8bdb4b639292d3537f1c17d.png" alt="QQ截图20150812202931.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201508/12203404766b78ffa8bdb4b639292d3537f1c17d.png) ``` **.**.**.**:8070/dzzxtj/dztjtj.jsp **.**.**.**:8070/dzzxtj/dztjtj.jsp http://**.**.**.**:8070/dzzxtj/dztjtj.jsp **.**.**.**:8070/dzzxtj/dztjtj.jsp http://**.**.**.**:8070/dzzxtj/dztjtj.jsp ...... ```