### Brief description:
Damn Feng's dog... it runs so slowly
### Details:
intitle:Login to webmail
http://hanwang.com.cn/login.php
This one does not appear to have an injection, but the login page of the corresponding mail domain management backend has a POST injection.
![QQ截图20150609215544.jpg](https://images.seebug.org/upload/201506/251253258acfaa31d3afec8c2844770d76eaf33b.jpg)
![QQ截图20150611121102.jpg](https://images.seebug.org/upload/201506/25125331786c05f813ffddf5f083552f7a3c0e49.jpg)
### Proof of vulnerability:
```http
POST /sys/login.php?cmd=login HTTP/1.1
Host: mail.kddl.cn:8090
Content-Length: 92
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Origin: http://mail.kddl.cn:8090
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36
Content-Type: application/x-www-form-urlencoded
DNT: 1
Referer: http://mail.kddl.cn:8090/sys/login.php?cmd=form&Lang=zh_CN
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.8
Cookie: PHPSESSID=auj9l8ulu17e62ktj9h47qakf1; domain=11111211111111

sysadmin=111111111&passwd=222222222222&language=zh_CN&Lang=zh_CN&submit1=%E7%99%BB+%E5%BD%95
```
The `sysadmin` parameter is injectable.
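As an added illustration (not the affected product's code, which the report does not show), here is a minimal PHP handler for the `sysadmin`/`passwd` fields of the request above, first in the string-concatenation form that produces this class of injection and then in a prepared-statement form that closes it. The table and column names (`sys_admin`, `name`, `pass_hash`) are assumptions.

```php
<?php
// Added example, not the vendor's code. Table/column names are assumptions.

// Vulnerable pattern: the POST value is spliced straight into the SQL text,
// so whatever the client sends in `sysadmin` becomes part of the query.
function login_concat(PDO $db, array $post): bool
{
    $sql = "SELECT pass_hash FROM sys_admin WHERE name = '" . $post['sysadmin'] . "'";
    $row = $db->query($sql)->fetch(PDO::FETCH_ASSOC);
    return $row !== false && password_verify($post['passwd'], $row['pass_hash']);
}

// Hardened pattern: the value travels as a bound parameter and can only ever
// match a literal admin name; the query shape is fixed at prepare time.
function login_prepared(PDO $db, array $post): bool
{
    $name = (string)($post['sysadmin'] ?? '');
    $pass = (string)($post['passwd'] ?? '');
    // Reject empty or oversized input before touching the database.
    if ($name === '' || $pass === '' || strlen($name) > 64) {
        return false;
    }
    $stmt = $db->prepare('SELECT pass_hash FROM sys_admin WHERE name = ? LIMIT 1');
    $stmt->execute([$name]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // Always run password_verify, against a dummy hash when the name is
    // unknown, so response timing does not reveal which admin names exist.
    static $dummy = null;
    $dummy = $dummy ?? password_hash('dummy-password', PASSWORD_DEFAULT);
    $hash = $row !== false ? $row['pass_hash'] : $dummy;
    $ok = password_verify($pass, $hash);
    return $row !== false && $ok;
}
```

Failed attempts against `/sys/login.php` should still be logged with the client address and the submitted `sysadmin` value, since a burst of failures with quote or comment characters in that field is the observable trace of someone probing for exactly this bug.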