https://pwnwiki.com/index.php?action=history&feed=atom&title=%E4%B8%80%E5%8D%A1%E9%80%9A%E4%BF%A1%E6%81%AF%E7%AE%A1%E7%90%86%E7%B3%BB%E7%B5%B1_SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E%2Fzh-hant 一卡通信息管理系統 SQL注入漏洞/zh-hant - Revision history 2026-04-07T20:21:20Z Revision history for this page on the wiki MediaWiki 1.35.1 https://pwnwiki.com/index.php?title=%E4%B8%80%E5%8D%A1%E9%80%9A%E4%BF%A1%E6%81%AF%E7%AE%A1%E7%90%86%E7%B3%BB%E7%B5%B1_SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E/zh-hant&diff=6965&oldid=prev Pwnwiki: Created page with "==弱口令==" 2021-07-10T08:18:04Z <p>Created page with &quot;==弱口令==&quot;</p> <p><b>New page</b></p><div>&lt;languages /&gt;<br /> <br /> &lt;center&gt;<br /> {| style=&quot;border: 2.0px solid grey; background: #b3ff9c;&quot; width=&quot;85%&quot;<br /> | align=&quot;center&quot; width=&quot;60px&quot;| [[File:Check.png|link=|55px]]<br /> | align=&quot;center&quot; |'''該漏洞已通過驗證'''<br /> ------<br /> &lt;small&gt;本頁面的EXP/POC/Payload經測試可用,漏洞已經成功復現。&lt;/small&gt;<br /> |}<br /> &lt;/center&gt;<br /> ==漏洞信息==<br /> 此系統存在默認弱口令,以及前台sql注入。<br /> ==FOFA==<br /> &lt;pre&gt;<br /> &quot;Content/images/login/logo.png&quot; &amp;&amp; &quot;/Content/js/core/knockout-2.2.1.js&quot;<br /> &lt;/pre&gt;<br /> <br /> ==弱口令==<br /> &lt;pre&gt;<br /> super<br /> <br /> 1234<br /> &lt;/pre&gt;<br /> <br /> ==SQL注入==<br /> <br /> 用戶名處存在SQL注入漏洞,使用BurpSuite插件利用(在用戶名處加入&lt;code&gt;*&lt;/code&gt;)。<br /> <br /> https://github.com/c0ny1/sqlmap4burp-plus-plus/<br /> <br /> <br /> ==參考==<br /> https://mp.weixin.qq.com/s/zxxOWSYgzY-z8GbBxEP_TQ</div> Pwnwiki