### 简要描述:
### 详细说明:
某学位论文提交系统通用SQL注入。
案例:
http://**.**.**.**:8001/paper/submit1.jsp
**.**.**.**:8001/paper/submit1.jsp
http://**.**.**.**:8080/paper/submit1.jsp
**.**.**.**:8001/paper/submit1.jsp
http://**.**.**.**:8001/paper/submit1.jsp
### 漏洞证明:
注入证明:(POST)
例:http://**.**.**.**:8001/paper/submit1.jsp
[<img src="https://images.seebug.org/upload/201507/121358094df1297a1470c39b2791f2500621ba5d.png" alt="QQ图片20150712135239.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201507/121358094df1297a1470c39b2791f2500621ba5d.png)
单引号输出报错
[<img src="https://images.seebug.org/upload/201507/121358446a4f06f5af21c0093acb8b6b6cb1358b.png" alt="QQ图片20150712135327.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201507/121358446a4f06f5af21c0093acb8b6b6cb1358b.png)
```
POST数据
POST /papercon HTTP/1.1
Accept: image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, application/msword, application/vnd.ms-excel, application/vnd.ms-powerpoint, */*
Referer: http://**.**.**.**:8001/paper/submit1.jsp
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Content-Type: application/x-www-form-urlencoded
DontTrackMeHere: gzip, deflate
Host: **.**.**.**:8001
Content-Length: 762
Proxy-Connection: Keep-Alive
Pragma: no-cache
Cookie: JSESSIONID=8E9AC98447079C6DFA33746E7D2BEE6F
action=submit1&title=1&username=1&code=1&email=11@**.**.**.**&password=1&p_password=1&subject=%B9%DC%C0%ED%D1%A7&snumber=12°ree=2&department=10046&r_title=%B1%EA%CC%E2%B2%BB%C4%DC%CE%AA%BF%D5%A3%A1&r_email=email%B2%BB%C4%DC%CE%AA%BF%D5%A3%A1&e_email=email%B8%F1%CA%BD%B4%ED%CE%F3%A3%A1&r_username=%D0%D5%C3%FB%B2%BB%C4%DC%CE%AA%BF%D5%A3%A1&C_username=%C8%A5%B5%F4%D0%D5%C3%FB%D6%D0%BF%D5%B8%F1%A3%A1&r_password=%C3%DC%C2%EB%B2%BB%C4%DC%CE%AA%BF%D5%A3%A1&r_code=%D1%A7%BA%C5%B2%BB%C4%DC%CE%AA%BF%D5%A3%A1&l_code=%D1%A7%BA%C5%CE%BB%CA%FD%B2%BB%D5%FD%C8%B7%A3%AC%C7%EB%CA%E4%C8%EB10%CE%BB%A3%A1&r_degree=%D1%A7%CE%BB%B2%BB%C4%DC%CE%AA%BF%D5%A3%A1&r_subject=%D1%A7%BF%C6%B2%BB%C4%DC%CE%AA%BF%D5%A3%A1&r_department=%C5%E0%D1%F8%B5%A5%CE%BB%B2%BB%C4%DC%CE%AA%BF%D5%A3%A1
```
SQLMAP注入:
[<img src="https://images.seebug.org/upload/201507/121359531161d3da2dd3551d36522f77ccccd70d.png" alt="04112024500f7626115437bb1bc30f2b6a6feafc.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201507/121359531161d3da2dd3551d36522f77ccccd70d.png)
[<img src="https://images.seebug.org/upload/201507/1214000146f9b938ca39e93b2cf4c623bd267b81.jpg" alt="0411203275cc85b4dadd89236ee20885ebf95ad3.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201507/1214000146f9b938ca39e93b2cf4c623bd267b81.jpg)
京公网安备 11010502034610号
暂无评论