SQL injection in a health management system exposes tens of millions of residents.
I think you can give me a full score...
Detailed description:
I still remember https://www.bkjia.com/bugs/2015-0147241. That portal can no longer be opened.
The main use of that vulnerability was to FUZZ some management accounts and view the information of tens of millions of residents in Heilongjiang province.
I happened to come across the Sichuan residents' basic health information platform, and it looked very familiar.
#1. Find the account verification interface and find a weak password based on the account rules
Zhangli/123456 has read permission and is responsible for registering resident information for one district.
Now the problem comes.
#2 There is an obvious SQL injection in the search, and the injection point runs with high privileges... I then found a high-privilege account for managing Sichuan province. Not only is the Sichuan data here, but the basic information of more than 17 million Heilongjiang residents from the portal mentioned above is here as well.
112 databases, containing basic information about residents of Heilongjiang, Jilin, and Sichuan provinces
Injection point:
511422.wsglw.net/do/Person/Person.do
The current database is the Sichuan sub-database and contains tens of millions of basic records, including name, address, blood type, medical history, ID card number, and family members. There are over 100 databases and dba permissions; an astonishing volume of data.
Tens of millions of basic records; only tested, no data taken.
Proof of vulnerability:
Solution:
Strict permission control.
Strictly filter input!
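The second fix in concrete form, as an added example that is not the site's code: the concatenated-query pattern behind a person search endpoint next to its parameterized replacement, run against a constructed in-memory sqlite3 table that stands in for the resident data (the column names and rows are assumptions).

```python
import sqlite3

# Constructed sample rows standing in for the resident table; not the real schema.
RESIDENTS = [
    ("Zhang Li", "Chengdu"),
    ("Wang Wei", "Harbin"),
    ("Li Na", "Changchun"),
]


def make_db():
    """Build an in-memory table so the example runs offline."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE person (name TEXT, city TEXT)")
    conn.executemany("INSERT INTO person VALUES (?, ?)", RESIDENTS)
    return conn


def search_vulnerable(conn, name):
    """The flaw class reported above: user input is pasted into the SQL text,
    so a quote in the search term changes the query's structure."""
    sql = "SELECT name, city FROM person WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def search_safe(conn, name):
    """Parameterized form: the driver passes the value separately, so it can
    never be parsed as SQL, whatever characters it contains."""
    sql = "SELECT name, city FROM person WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()


def compare(term):
    """Return (rows from vulnerable search, rows from safe search) for one term."""
    conn = make_db()
    return search_vulnerable(conn, term), search_safe(conn, term)


if __name__ == "__main__":
    # A normal name behaves the same in both versions.
    print(compare("Zhang Li"))
    # A term with a quote and an always-true condition dumps every row
    # through the concatenated query but matches nothing when parameterized.
    print(compare("x' OR '1'='1"))
```

The search should also run as a database account limited to the one province or district the logged-in user administers, which is the first fix; the parameterized query alone does not shrink the 112 databases reachable with dba permissions.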