廊坊政府执法考试后台注入
漏洞存在的网址:http://lffzxzzf1.lf.gov.cn/廊坊政府执法考试后台
后台存在post注入
------------------------------
POST /login.aspx HTTP/1.1
Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/msword, application/vnd.ms-excel, application/vnd.ms-powerpoint, */*
Referer: http://lffzxzzf1.lf.gov.cn/login.aspx
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
Host: lffzxzzf1.lf.gov.cn
Content-Length: 328
Pragma: no-cache
__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTMyNDM5ODU3OQ9kFgICAQ9kFgICDw8PFgIeBFRleHQFG%2BeUqOaIt%2BWQjeaIluWvhueggemUmeivr%2B%2B8gWRkZLcal%2FrJ5560OhyzPTmYIs%2BGCAsR&__EVENTVALIDATION=%2FwEWBQKgxv21AQLs0bLrBgLs0fbZDAKM54rGBgK7q7GGCFPpA9cnzfaYRxV2hAhz2wn5DL86&TextBox1=admin&TextBox2=admin&Button1=%E7%99%BB%E9%99%86
TextBox1存在注入
http://static.wooyun.org/wooyun/upload/201511/0617450883eba05e158ed6e8d14a47b4b5763322.png
sa权限
可写shell或者达到直接提权的目的
http://static.wooyun.org/wooyun/upload/201511/0619430606737e0cbfc0436edb73d006534cb3d4.png
http://static.wooyun.org/wooyun/upload/201511/0619430606737e0cbfc0436edb73d006534cb3d4.png
库名zhifakaoshi表名tb_user字段一个用户名一个密码yhm,yhmm这两个
影响489个用户的信息安全 有身份证和照片姓名 还可修改成绩等
http://static.wooyun.org/wooyun/upload/201511/0619481857a381008ca32d32bac3642ae08d5337.png
system权限可直接提权
http://static.wooyun.org/wooyun/upload/201511/062003202bd8b424ec515d55bac2a6d437bae057.png
http://static.wooyun.org/wooyun/upload/201511/062004219d9ec034d2b8857efbf27f6143639df1.png 还是没人看:( 朋友,gov的站你也不打个码? 可以!找到注入点了
我仿佛又看到了一个马场。 支持中国红客联盟(ihonker.org) 谢谢分享,辛苦了 不打码- -网站已挂
RE: 廊坊政府执法考试后台注入
能加下 好友吗?作者? 7874026
页:
[1]