给各位在学sql注入的群友讲一个判断注入点的小技巧,把你的注入点路径复制下来,比如这里的https://www.aw8vn.com/assets,在浏览器里打开,如果返回404,好肯定是找错了,自己按着报错那一堆后续教程继续摸索,如果你发现能正常打开网站但是页面就是首页,这时你再点进网址栏会惊讶的发现url已经重定向回首页去了,你也不用再在sqlmap里跑了🙃🙃🙃
ctf工具合集(好多都有点年头了,但可以入门的时候拿来过渡一下)
吾爱010 Editor 64位10.0.1汉化破解版
FileLocator Pro8.2.2766.x64中文绿色便携专业版
路由器密码查看工具(RouterPassView)v1.86
二维码扫描器v1.0绿色版
二维码工具(QR Research)
ZIpRar密码破解
Wireshark 64位V3.2.4.0官方版
winhex19.8
USB数据检测抓包工具(USBPcap 1.0.0.7.2ip)
UPX Unpacker
sqlmap汉化工具
smzy_ Xshell6win10
save-page-we插件.cnx
RAS整数因式分解(yatu-1.34.)
Notepad++ 7.8.8官方中文版
New御剑1.5后台扫描(加强字典版)
adX_ han.jar
lQRCode批量扫图
HexDecChar_ n
GoldWave Vv6.41绿色修正版-查看声图谱工具
Explore2ts(ext2ex3文件系统查看器)V1.09汉化绿色版
Dreamweaver MX 2004
CTFCrackTools3.2.4.7
CTFcrackools(解密工具)
CRC计算器(CRC Calculator)V0.1
crc32-master (CRC32爆破工具)
CRC16校验码计算器Converter-cn编码工具
Burpsuite+ 1.7.26+Unlimited
ARCHPR4.54
APKSign
+++tweakpng改图高度工具
++stegsove-- -图隐写查看器
分享链接:「CTF工具软件」,复制整段内容,打开最新版「夸克APP」即可获取。
无需下载在线播放视频,畅享原画5倍速,支持电视投屏。
/~e7cb31JDRj~:/
链接:https://pan.quark.cn/s/8b5353f805f8
吾爱010 Editor 64位10.0.1汉化破解版
FileLocator Pro8.2.2766.x64中文绿色便携专业版
路由器密码查看工具(RouterPassView)v1.86
二维码扫描器v1.0绿色版
二维码工具(QR Research)
ZIpRar密码破解
Wireshark 64位V3.2.4.0官方版
winhex19.8
USB数据检测抓包工具(USBPcap 1.0.0.7.2ip)
UPX Unpacker
sqlmap汉化工具
smzy_ Xshell6win10
save-page-we插件.cnx
RAS整数因式分解(yatu-1.34.)
Notepad++ 7.8.8官方中文版
New御剑1.5后台扫描(加强字典版)
adX_ han.jar
lQRCode批量扫图
HexDecChar_ n
GoldWave Vv6.41绿色修正版-查看声图谱工具
Explore2ts(ext2ex3文件系统查看器)V1.09汉化绿色版
Dreamweaver MX 2004
CTFCrackTools3.2.4.7
CTFcrackools(解密工具)
CRC计算器(CRC Calculator)V0.1
crc32-master (CRC32爆破工具)
CRC16校验码计算器Converter-cn编码工具
Burpsuite+ 1.7.26+Unlimited
ARCHPR4.54
APKSign
+++tweakpng改图高度工具
++stegsove-- -图隐写查看器
分享链接:「CTF工具软件」,复制整段内容,打开最新版「夸克APP」即可获取。
无需下载在线播放视频,畅享原画5倍速,支持电视投屏。
/~e7cb31JDRj~:/
链接:https://pan.quark.cn/s/8b5353f805f8
pan.quark.cn
夸克网盘分享
夸克网盘是夸克推出的一款云服务产品,功能包括云存储、高清看剧、文件在线解压、PDF一键转换等。通过夸克网盘可随时随地管理和使用照片、文档、手机资料,目前支持Android、iOS、PC、iPad。
显齋Oracle是国内顶尖的黑客组织,成立于2020年。我们的成员来自浙江大学,华中科技大学,北京邮电大学和西北工业大学等高校,为现役腾讯,奇安信,安恒信息等国内一线安全厂家的高级红队渗透测试工程师。
组员战绩包括但不限于DEFCON CTF决赛前十,全国工业互联网安全技术技能大赛冠军,DSCTF首届数字空间安全攻防大赛冠军,RWCTF体验赛冠军等。
实战中针对台湾省,东南亚国家及北约国家等网站发起过多次攻击,获得如台当局伪青年辅导委员会政府官网等多个gov网站的后台权限。
组织并不涉及商业化黑灰产行为,但不约束组员行为,此频道为有偿渗透接单,数据交易频道,教学资讯频道请移步 @Oracleimpact
(后续两频道除少数运营信息之外技术内容会同步更新,推荐根据需求只关注一个便于我们统计订阅数,文字编辑 @metaspolit233 ,不接单请勿打扰)
组员战绩包括但不限于DEFCON CTF决赛前十,全国工业互联网安全技术技能大赛冠军,DSCTF首届数字空间安全攻防大赛冠军,RWCTF体验赛冠军等。
实战中针对台湾省,东南亚国家及北约国家等网站发起过多次攻击,获得如台当局伪青年辅导委员会政府官网等多个gov网站的后台权限。
组织并不涉及商业化黑灰产行为,但不约束组员行为,此频道为有偿渗透接单,数据交易频道,教学资讯频道请移步 @Oracleimpact
(后续两频道除少数运营信息之外技术内容会同步更新,推荐根据需求只关注一个便于我们统计订阅数,文字编辑 @metaspolit233 ,不接单请勿打扰)
👍2🤮1🤡1
显齋Oracle-网络安全/web渗透 pinned «显齋Oracle是国内顶尖的黑客组织,成立于2020年。我们的成员来自浙江大学,华中科技大学,北京邮电大学和西北工业大学等高校,为现役腾讯,奇安信,安恒信息等国内一线安全厂家的高级红队渗透测试工程师。 组员战绩包括但不限于DEFCON CTF决赛前十,全国工业互联网安全技术技能大赛冠军,DSCTF首届数字空间安全攻防大赛冠军,RWCTF体验赛冠军等。 实战中针对台湾省,东南亚国家及北约国家等网站发起过多次攻击,获得如台当局伪青年辅导委员会政府官网等多个gov网站的后台权限。 组织并不涉及商业化黑灰产行…»
漏洞氵(CVE-2023-2276)
WordPress中使用WooCommerce多供应商插件的未授权访问漏洞
影响版本2.10.7(包括2.10.7)及之前,插件在trunk/includes/libs/stripe-gateway/.editorconfig处提供的用户控制的对象访问权限允许用户绕过授权并访问系统资源,使得未经身份验证的攻击者有可能通过stripe-gateway/.php-cs-fixer.php更改用户密码甚至接管管理员帐户,造成漏洞的代码逻辑如图
poc:
parse_str($_POST['wc_fm_membership_registration_form')
$wcfm_membership_registration_form_data)
$wcfm_membership_registration_form_data = WC_clean($wcfm_membership_registration_form_data)
get_wcfmvm_membership_registration_messages()
$has_error = false;
$wcfm_membership = ''
$subnoscription_pay_mode = 'by_wcfm';
if (apply_filters('wcfm_is_allow_registration_recaptcha_enabled', true))
{
WordPress中使用WooCommerce多供应商插件的未授权访问漏洞
影响版本2.10.7(包括2.10.7)及之前,插件在trunk/includes/libs/stripe-gateway/.editorconfig处提供的用户控制的对象访问权限允许用户绕过授权并访问系统资源,使得未经身份验证的攻击者有可能通过stripe-gateway/.php-cs-fixer.php更改用户密码甚至接管管理员帐户,造成漏洞的代码逻辑如图
poc:
parse_str($_POST['wc_fm_membership_registration_form')
$wcfm_membership_registration_form_data)
$wcfm_membership_registration_form_data = WC_clean($wcfm_membership_registration_form_data)
get_wcfmvm_membership_registration_messages()
$has_error = false;
$wcfm_membership = ''
$subnoscription_pay_mode = 'by_wcfm';
if (apply_filters('wcfm_is_allow_registration_recaptcha_enabled', true))
{
挂人氵
隔壁群看到有人在问,https://news.1rj.ru/str/SQL011 靠谱不靠谱,这么多网站后台的截图还放了团队logo证明并非盗图
然而其实大黑客所谓的“坐拥众多后台”很容易就能实现,打开http://www.cssmoban.com/hot
随便点进一个后台模板,挂你的logo合影,结束,毫无技术含量的骗局😅
而他那频道里的“技术文章”,也是百度一搜发现基本上没改字复制粘贴而来,
所谓引流十五人赠送的笔记来自几年前烂大街的小迪公开课,b站私信那些卖课的营销号就能领取全套
频道简介摘抄表弟@G_biaodi007(不是简介里那个,具体哪个频道忘了好像是已经弃用了的腾蛇的那个老频道)
隔壁群看到有人在问,https://news.1rj.ru/str/SQL011 靠谱不靠谱,这么多网站后台的截图还放了团队logo证明并非盗图
然而其实大黑客所谓的“坐拥众多后台”很容易就能实现,打开http://www.cssmoban.com/hot
随便点进一个后台模板,挂你的logo合影,结束,毫无技术含量的骗局😅
而他那频道里的“技术文章”,也是百度一搜发现基本上没改字复制粘贴而来,
所谓引流十五人赠送的笔记来自几年前烂大街的小迪公开课,b站私信那些卖课的营销号就能领取全套
频道简介摘抄表弟@G_biaodi007(不是简介里那个,具体哪个频道忘了好像是已经弃用了的腾蛇的那个老频道)
Telegram
Gengkenbug
本频道用于 渗透测试技术发布 我们组织常年招收危险级别人物(技术) 觉得自己是可以私聊我有多危险都行 (不招没有道德底线的亦或者曾经没有道德底线的) 过了入组 为了构造2021年的APT团队 而前行 希望大家热爱渗透 热爱梦想
https://news.1rj.ru/str/Gengkenbug 技术交流群
https://news.1rj.ru/str/Gengkenbug 技术交流群
👍1
漏洞氵
Adam Mobilmen终端软件特殊元素的不正确过滤SQL注入漏洞(CVE-2023-1508)
披露时间 北京时间2023-05-24凌晨六点左右,CVSS评分9.8(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
JSON:
{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2023-1508","assignerOrgId":"ca940d4e-fea4-4aa2-9a58-591a58b1ce21","state":"PUBLISHED","assignerShortName":"TR-CERT","dateReserved":"2023-03-20T08:10:52.189Z","datePublished":"2023-05-23T20:00:41.023Z","dateUpdated":"2023-05-23T20:00:41.023Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Mobilmen Terminal Software","vendor":"Adam Retail Automation Systems","versions":[{"lessThan":"3","status":"affected","version":"0","versionType":"custom"}]}],"credits":[{"lang":"en","type":"finder","user":"00000000-0000-4000-9000-000000000000","value":"Omer Fatih YEGIN"}],"datePublic":"2023-05-23T20:00:00.000Z","denoscriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adam Retail Automation Systems Mobilmen Terminal Software allows SQL Injection.<p>This issue affects Mobilmen Terminal Software: before 3.</p>"}],"value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adam Retail Automation Systems Mobilmen Terminal Software allows SQL Injection.This issue affects Mobilmen Terminal Software: before 3.\n\n"}],"impacts":[{"capecId":"CAPEC-66","denoscriptions":[{"lang":"en","value":"CAPEC-66 SQL Injection"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"denoscriptions":[{"cweId":"CWE-89","denoscription":"CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"ca940d4e-fea4-4aa2-9a58-591a58b1ce21","shortName":"TR-CERT","dateUpdated":"2023-05-23T20:00:41.023Z"},"references":[{"tags":["government-resource"],"url":"https://www.usom.gov.tr/bildirim/tr-23-0284"}],"source":{"advisory":"TR-23-0284","defect":["TR-23-0284"],"discovery":"EXTERNAL"},"noscript":"SQLi in AdamPOS's Mobilmen Terminal Software","x_generator":{"engine":"Vulnogram 0.1.0-dev"}}}}
影响版本
Mobilmen移动端从6.0之前的5.0全部版本均受影响(但不包括6.0)
poc
在公开频道里白嫖这种漏洞的poc你想屁吃呢😅
Adam Mobilmen终端软件特殊元素的不正确过滤SQL注入漏洞(CVE-2023-1508)
披露时间 北京时间2023-05-24凌晨六点左右,CVSS评分9.8(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
JSON:
{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2023-1508","assignerOrgId":"ca940d4e-fea4-4aa2-9a58-591a58b1ce21","state":"PUBLISHED","assignerShortName":"TR-CERT","dateReserved":"2023-03-20T08:10:52.189Z","datePublished":"2023-05-23T20:00:41.023Z","dateUpdated":"2023-05-23T20:00:41.023Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Mobilmen Terminal Software","vendor":"Adam Retail Automation Systems","versions":[{"lessThan":"3","status":"affected","version":"0","versionType":"custom"}]}],"credits":[{"lang":"en","type":"finder","user":"00000000-0000-4000-9000-000000000000","value":"Omer Fatih YEGIN"}],"datePublic":"2023-05-23T20:00:00.000Z","denoscriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adam Retail Automation Systems Mobilmen Terminal Software allows SQL Injection.<p>This issue affects Mobilmen Terminal Software: before 3.</p>"}],"value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adam Retail Automation Systems Mobilmen Terminal Software allows SQL Injection.This issue affects Mobilmen Terminal Software: before 3.\n\n"}],"impacts":[{"capecId":"CAPEC-66","denoscriptions":[{"lang":"en","value":"CAPEC-66 SQL Injection"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"denoscriptions":[{"cweId":"CWE-89","denoscription":"CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"ca940d4e-fea4-4aa2-9a58-591a58b1ce21","shortName":"TR-CERT","dateUpdated":"2023-05-23T20:00:41.023Z"},"references":[{"tags":["government-resource"],"url":"https://www.usom.gov.tr/bildirim/tr-23-0284"}],"source":{"advisory":"TR-23-0284","defect":["TR-23-0284"],"discovery":"EXTERNAL"},"noscript":"SQLi in AdamPOS's Mobilmen Terminal Software","x_generator":{"engine":"Vulnogram 0.1.0-dev"}}}}
影响版本
Mobilmen移动端从6.0之前的5.0全部版本均受影响(但不包括6.0)
poc