### Brief description:

As the title says.

### Detailed description:

Official website: http://**.**.**.**/Login.aspx

There is a POST injection in the user registration flow, at the check for whether the username already exists!

Also: **.**.**.**:8000/ is another instance.

The request packet is as follows:

```
POST /CscAjax/ajax.aspx HTTP/1.1
Host: **.**.**.**
Proxy-Connection: keep-alive
Content-Length: 63
Accept: text/html, */*
Origin: http://**.**.**.**
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.130 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: http://**.**.**.**/CscUser/Register.aspx
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.8
Cookie: ASP.NET_SessionId=sihpl4edptrhv5rllkq1vz45; tq_current_visit_time=1438136212880; tq_current_source_page_url=http://**.**.**.**/LoginUrl.aspx?infoid=122*InfoPager=Custom/Cust_Project.aspx; Hm_lvt_4861b8ec72ad47c31e8d238870b1bcb8=1438136215; Hm_lpvt_4861b8ec72ad47c31e8d238870b1bcb8=1438136215

Action=post&name=c_1231&func=proofread
```

The `name` parameter in the POST data is injectable.

### Proof of vulnerability:

The screenshots below show the test against the official website:

[<img src="https://images.seebug.org/upload/201507/29164723dc9b759bd7c81bbe9f44046e907fa38a.png" alt="QQ截图20150729164602.png" width="600">](https://images.seebug.org/upload/201507/29164723dc9b759bd7c81bbe9f44046e907fa38a.png)

[<img src="https://images.seebug.org/upload/201507/29164728ffcbbfc188a452090d10254c09f9c3de.png" alt="QQ截图20150729164624.png" width="600">](https://images.seebug.org/upload/201507/29164728ffcbbfc188a452090d10254c09f9c3de.png)

[<img src="https://images.seebug.org/upload/201507/291647356ad0f0a28eabb25b09fb1124c88aa4c3.png" alt="QQ截图20150729164129.png" width="600">](https://images.seebug.org/upload/201507/291647356ad0f0a28eabb25b09fb1124c88aa4c3.png)
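For the username-existence check reached through the `name` POST parameter, the following is an added example of a hardened lookup; it is not code from the affected site or from the original report. The class name, the `dbo.Users`/`UserName` schema, the `AppDb` connection-string name, the allowed-character policy and the response strings are all assumptions.

```csharp
// Added example, not the site's code. Schema, connection-string name,
// name policy and response strings below are assumptions.
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Text.RegularExpressions;

public static class UserNameCheck
{
    // Assumed policy: 3-32 characters, ASCII letters, digits and underscore.
    private static readonly Regex Allowed =
        new Regex(@"\A[A-Za-z0-9_]{3,32}\z", RegexOptions.CultureInvariant);

    // Pattern to avoid (shown only as a comment): the posted value is
    // concatenated into the statement text, so it is parsed as SQL.
    //   "SELECT COUNT(*) FROM dbo.Users WHERE UserName = '" + name + "'"

    public static bool IsValidFormat(string name)
    {
        return name != null && Allowed.IsMatch(name);
    }

    // Parameterized lookup: the statement text is constant and the value
    // travels to the server as typed, length-bounded data.
    public static bool Exists(string name)
    {
        string cs = ConfigurationManager.ConnectionStrings["AppDb"].ConnectionString;
        using (var conn = new SqlConnection(cs))
        using (var cmd = new SqlCommand(
            "SELECT COUNT(*) FROM dbo.Users WHERE UserName = @name", conn))
        {
            cmd.Parameters.Add("@name", SqlDbType.NVarChar, 32).Value = name;
            conn.Open();
            return (int)cmd.ExecuteScalar() > 0;
        }
    }

    // Intended to be called by the AJAX handler with Request.Form["name"]
    // when func=proofread (this wiring is an assumption). Malformed input
    // is rejected before any database access.
    public static string Respond(string postedName)
    {
        if (!IsValidFormat(postedName))
            return "invalid";
        return Exists(postedName) ? "taken" : "free";
    }
}
```

The format check is defense in depth only; the parameterized command is what keeps the posted value out of the SQL text, and the database account used by `AppDb` should hold no more than read access to the columns this check needs.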