### Brief description:
As titled.
### Detailed description:
It did not succeed against the official site, but it works against essentially every deployment.
The problem is in this login endpoint: m.php?m=User&a=doLogin
post:origURL=ghost&password=ghost&email=ghost (the email parameter is not filtered)
An error is thrown, giving error-based injection.
http://www.qianrengou.com/m.php?m=User&a=doLogin
post:origURL=ghost&password=ghost&email=ghost
![wooyun.png](https://images.seebug.org/upload/201410/10155121ff588907125ad078cacde49b80967b0a.png)
![wooyun.png](https://images.seebug.org/upload/201410/1015531540661dbc4a6ce5f57c0890d5bc9a7a91.png)
![wooyun.png](https://images.seebug.org/upload/201410/10154904b9aeb75c8926eec6ac82e773eca0e549.png)
Default admin panel: admin.php
![wooyun.png](https://images.seebug.org/upload/201410/101557431171705a4d01b14c0174c1d527ebf506.png)
http://www.xinjianghu.com.cn/m.php?m=User&a=doLogin
post:origURL=ghost&password=ghost&email=ghost
![wooyun.png](https://images.seebug.org/upload/201410/10155553cd422cacf220e6a6c8aff48ae90939a8.png)
Default admin panel: admin.php
![wooyun.png](https://images.seebug.org/upload/201410/10155834553b73463ab8a93210a83370c37a42df.png)
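The mechanism described above, as an added illustration that is not the application's own code: a Python/sqlite3 model of a doLogin handler that concatenates the unfiltered email parameter into its query, beside the parameterized form that closes the hole and stops database error text from reaching the client. The table name, columns and sample row are assumptions.

```python
import re
import sqlite3


def make_db():
    """Constructed in-memory user table; the report shows no schema, so the
    table, columns and sample row are assumptions for this illustration."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE user (id INTEGER PRIMARY KEY, email TEXT, password TEXT)")
    conn.execute("INSERT INTO user (email, password) VALUES (?, ?)",
                 ("admin@example.com", "ghost"))
    conn.commit()
    return conn


def do_login_vulnerable(conn, email, password):
    """Models the reported doLogin: the email value is pasted into the SQL
    string unfiltered, so a single quote breaks the statement and the raw
    database error surfaces to the client (the error-based signal in the
    screenshots)."""
    sql = "SELECT id FROM user WHERE email = '%s' AND password = '%s'" % (email, password)
    try:
        row = conn.execute(sql).fetchone()
    except sqlite3.Error as e:
        return "error:" + str(e)   # leaked DB error, as the report shows
    return "ok" if row else "fail"


# Defence in depth only: a shape check on the email field. The real fix is
# the parameter binding in do_login_fixed, not this filter.
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")


def do_login_fixed(conn, email, password):
    """Hardened form: values are bound as parameters, so a quote is data and
    never SQL syntax, and the client only ever sees 'ok' or 'fail'."""
    if not EMAIL_RE.match(email):
        return "fail"
    row = conn.execute("SELECT id FROM user WHERE email = ? AND password = ?",
                       (email, password)).fetchone()
    return "ok" if row else "fail"
```

The same `admin'` input that makes the vulnerable handler return a database error is a plain failed login against the fixed one; password hashing is out of scope for this illustration.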
### Proof of vulnerability:
Cases
Entering admin' admin produces an error!
http://www.tuobar.com/m.php?m=User&a=doLogin
![wooyun.png](https://images.seebug.org/upload/201410/10160210cf79d87478cf0cff5abdebf98c2119ff.png)
http://www.pizhoutuan.com/m.php?m=User&a=doLogin
![wooyun.png](https://images.seebug.org/upload/201410/1016025726ff6b104941bd806739d1809002e7af.png)
http://tuan.0937.net/m.php?m=User&a=doLogin
![wooyun.png](https://images.seebug.org/upload/201410/1016033122cc393365a26af7e4c2f871254a41f5.png)
http://www.yetuan.net/m.php?m=User&a=doLogin
![wooyun.png](https://images.seebug.org/upload/201410/101604371ffb13e71825766cec3e4cd010af2560.png)