乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2012-11-30: 细节已通知厂商并且等待厂商处理中 2012-12-04: 厂商已经确认,细节仅向厂商公开 2012-12-14: 细节向核心白帽子及相关领域专家公开 2012-12-24: 细节向普通白帽子公开 2013-01-03: 细节向实习白帽子公开 2013-01-14: 细节向公众公开
SQLI hacking.
1、没有WAF产品部署;2、外部提交的响量没有进行严格转义;3、webshell Attack;
web server operating system: Windowsweb application technology: Apache 2.2.21, PHP 5.2.9back-end DBMS: MySQL 5.0.11
______没有部署防火墙产品______1、SQLI部分列表:
http://www.infosec.org.cn:80/corp/qiye_show.php?id=2753http://www.infosec.org.cn:80/corp/pro_show.php?id=17http://www.infosec.org.cn:80/corp/renwu_show.php?rid=5http://www.infosec.org.cn:80/rule/rule_view.php?ruleid=536http://www.infosec.org.cn:80/rule/rule_list.php?classid=1http://www.infosec.org.cn:80/corp/qiye_gg_show.php?id=29http://www.infosec.org.cn:80/corp/fangan_show.php?id=22http://infosec.org.cn:80/rule/rule_view.php?ruleid=536
2、挖掘出的数据库:infosec、infosecbbs、mysql、test、ucenter3、45个表段:
+--------------------+| ad || admin || admin_menu1 || admin_menu1_gx || admin_menu2 || admin_menu2_gx || business_info || business_notice || campaign_info || city || copy_of_news_info || friend_link || home_focus || info_qiang || news_class || news_fromwhere || news_info || news_info_0821 || news_info_0825 || people_info || policy_class || policy_info || pro_auth || pro_project || product || products_class || program_class || province || qy_tj_class || show_info || subscribe_info || subscribe_userinfo || sys_message || tj_class || tj_info_gx || tj_qyinfo_gx || tj_show_class || tj_showinfo_gx || user_info || user_level || user_level_gx || user_message || user_message_gx || usernews_info || virus_info |+--------------------+
4、7个字段:
+----------+------------------+| Column | Type |+----------+------------------+| id | int(11) unsigned || id1str | varchar(255) || id2str | varchar(255) || password | varchar(50) || realname | varchar(50) || summary | varchar(255) || username | varchar(50) |+----------+------------------+
5、管理员信息:
+---------------+-------------------------------------------+| username | password |+---------------+-------------------------------------------+| xichuabo | *4CA8DA3EA274C235C0C397108F585BBECFB25B8B || wangych | *05B5C3A6FBB155BCE9ACD5E37D95A4355D7E1A7C || lishaopeng123 | *236F8B86B5BDACD2E602BBD52DE415737371A881 |+---------------+-------------------------------------------+
6、目标还存在多出XSS攻击漏洞,这里就不罗列了,自行查找及修复;
1、对外部提交的攻击向量进行严格过滤;2、部署相关的WAF产品进行防御;3、你懂得。
危害等级:高
漏洞Rank:11
确认时间:2012-12-04 18:51
CNVD确认漏洞情况,已经由CNCERT直接联系网站管理方处置。按完全影响机密性进行评分,基本危害评分7.79,发现技术难度系数1.1,涉及行业或单位影响系数1.3,综合rank=11.139
暂无