A giant has many injections (an interesting addslashes that is sometimes absent)

A giant has many injections (an interesting addslashes that is sometimes absent)

There was no small gift for the last vulnerability !! So I still have a question. Will this time be ignored?

I gave up when I became the richest person. I can give it another 20 minutes ~

Http://mobile.ztgame.com/mobile/index.php

Giant's unified data center, the system is quite interesting. All submitted parameters will flow through test. php. We can see that after addslashes, php should write gpc.
 

 

However, in the logon port of the GAO server, the gpc is invalid. Then, let's take a look at test. Although it is added globally, another Formatting should be performed when the database is executed. The textbook is generally incorrect.
 

First

The injection point is here. Submitting admin' will cause an error, because all database users are one and will be together later.
 

Second

User Logon Port

Http://mobile.ztgame.com/m_login.php

SQL Injection exists in the place where the user name is submitted
 

Unfortunately, the parameter is not only passed to the select statement, but also into an update statement. It should be to update the logon time. It cannot be used together for query, otherwise, the absolute path can be written to shell Using into outfile, username parameter, 99 library.
 

 

 

Third

It seems that a hole has been mentioned, but it has not been repaired yet.
 

A large number of databases. Currently, this is in section 103. Have you shut down the machine in section 102 last time? Please handle this well.
 

 

 

 

Solution:

This GAO system should be re-deployed. The old system should be deprecated and the data is still in it.