当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2014-050209

漏洞标题:中航工业某站一个sql注入

相关厂商:中航工业

漏洞作者: 徽弘

提交时间:2014-06-04 19:36

修复时间:2014-07-23 18:18

公开时间:2014-07-23 18:18

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:20

漏洞状态:已交由第三方合作机构(cncert国家互联网应急中心)处理

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2014-06-04: 细节已通知厂商并且等待厂商处理中
2014-06-08: 厂商已经确认,细节仅向厂商公开
2014-06-18: 细节向核心白帽子及相关领域专家公开
2014-06-28: 细节向普通白帽子公开
2014-07-08: 细节向实习白帽子公开
2014-07-23: 细节向公众公开

简要描述:

40个网站的库算1rank吧,也给20rank了

详细说明:

注入点

http://avic-sae.com.cn/NewsParticular.aspx?info_id=1470


跑出的数据库

[*] 007bbbc_db
[*] 0798df
[*] 114bst
[*] 1688ok
[*] 1ede
[*] 2010013_db
[*] 2010015_db
[*] 385774
[*] 51gtime
[*] 888yicheng
[*] a00072063
[*] a77150
[*] a9house
[*] aa1234561
[*] aa12345666
[*] aajincheng2010
[*] abc123456
[*] acem
[*] afl2011
[*] ahand
[*] ahbbls111008
[*] ahhmpx
[*] ahthhyyy
[*] aiddiangan
[*] aidengbinet
[*] aidengn_db
[*] aidengn_yt
[*] aigchao_db
[*] ailin
[*] aiwoaini
[*] aky668
[*] aldaren
[*] alian128
[*] alloy
[*] alumnipower2010
[*] amjjx
[*] amke
[*] amtb
[*] anduoduo
[*] anhuiwuhu2sccom
[*] anjingtang
[*] anybrocooo
[*] aoxunqs37
[*] aoxunqz730
[*] aucrm_cn
[*] autlat
[*] autofnt
[*] automachine
[*] autoparts8
[*] awd123
[*] axjthy
[*] b2c2010
[*] baoyifefo
[*] bar80
[*] batterymall
[*] bb3652009
[*] bbmap
[*] bbtfw0110622
[*] beebox
[*] beibaoyou
[*] bestgosecurity
[*] bhisedu
[*] biztea
[*] bjwellcomcn
[*] blackteaclub
[*] blmakeup
[*] boda6001
[*] bonstechcom
[*] bookwin_db
[*] bpbj
[*] br0829
[*] bwzy
[*] byc
[*] bysunfitness
[*] bz10086
[*] bz186
[*] car12580
[*] careye
[*] cathaylink
[*] ccsmu
[*] cd-autonet
[*] cdaupcom
[*] cdhongrui
[*] cdkunhao
[*] cdldf
[*] cdomain6683
[*] cdwei
[*] cemni
[*] chanchayiwei
[*] changchang
[*] chauhua
[*] chenc
[*] chengjia
[*] chenxingqs1
[*] chenzhen1231
[*] chequan78
[*] chhbj
[*] china118
[*] chinaeliteteam
[*] chinahhmy
[*] chinanhsp
[*] chinankjj
[*] chinaomstone
[*] chinatranslator
[*] chirocomcn
[*] chlw1016
[*] chuangjie
[*] clake2046
[*] cn01good
[*] cnfront
[*] cngt
[*] cnjryy
[*] cnkpartcom1
[*] cnlzpwcn
[*] cnpce
[*] cntea
[*] com25198
[*] com68
[*] com81xiao
[*] congxin
[*] cqjwzcn
[*] cqrckjcom2011
[*] cqxiuniangcom
[*] cqxycy2012
[*] cqzyztb2010
[*] crfood
[*] cshlianhua
[*] cszsxh
[*] cw90022
[*] czzyc
[*] dadi123
[*] dakangwang
[*] danicchina
[*] danpin
[*] daozhen_d3z1z1x
[*] daozhen_db
[*] dapeng
[*] daydaywait
[*] db2012039
[*] db_wmt
[*] DBEasyPanoramaWeb
[*] dbunio1_db
[*] dcmmarkets
[*] ddsos
[*] delsum
[*] dfcnyh
[*] dgtechgain
[*] directm
[*] dlwl
[*] dny1688ftp
[*] dongjianghu
[*] dormin
[*] dotop2011
[*] dqr
[*] dr5123
[*] dsxlyjgov
[*] dtky_cn
[*] dushitx
[*] dutchox_com
[*] dwffm
[*] dx0824
[*] dxe0514
[*] dxsjlb
[*] dyjopto2011
[*] dzxhjm
[*] e993
[*] eeadd09
[*] efederal
[*] egaoyang
[*] eliteteam
[*] encsms
[*] enwgbp
[*] esbuluo
[*] esennet
[*] eskey2011
[*] ethereast
[*] etssm
[*] ExamCreatorDB
[*] ey888
[*] fanweigao
[*] fc2011
[*] fengfeng
[*] ff158
[*] fjdvd
[*] fjplc
[*] fjspring
[*] flyservice1
[*] flyzfzf
[*] fspsh1
[*] fssysoft
[*] ft1529319
[*] ftpcallgoo
[*] ftpcsmorfe
[*] ftpsambapet
[*] ftpwest163
[*] fuersheng
[*] fujiantulou
[*] fuminglong
[*] fuyunjushi
[*] gallery
[*] game80
[*] gaosi
[*] garsw_com
[*] gdchif
[*] gddebaogroup
[*] gdws
[*] gfgyyq
[*] ggmmp
[*] gift2
[*] glzqxj
[*] gmzsgc
[*] goldenid
[*] googlx
[*] gowellfpccn
[*] grandtop
[*] grs13yhekoj
[*] guanjizhu
[*] guatang
[*] guganliren_cn
[*] guidegroup
[*] guxini_com
[*] gwhhwgy2099
[*] gxnmgsh
[*] gzielts008
[*] gzxbljy2
[*] gzy
[*] haidike
[*] haijiecb
[*] haizhougov
[*] han222com
[*] hanyu009
[*] haojiajia
[*] hbzhelian_8080
[*] hc988
[*] hdwlgg
[*] heiyu111
[*] heiyu117
[*] hengxedu1
[*] hexun
[*] hezunnet
[*] hf05519
[*] hfmeanyue
[*] hg0216
[*] hgpm
[*] hgyuxingglasses
[*] hillte
[*] hitop
[*] hixyakuenn
[*] hjmx
[*] hk0902
[*] hkbolan
[*] hllzsnj
[*] hmike
[*] hnccwx
[*] hnqnqx
[*] hnsdpy
[*] hometg
[*] hommould
[*] hongguanzhaung
[*] hongweijobcom
[*] hongxing
[*] hotwind
[*] hq1718
[*] hqxushu
[*] hrksea
[*] hsjkcq2011
[*] htmis
[*] htyxagoto
[*] huaconn
[*] huahai1006
[*] huahua1570
[*] huangchuanliu
[*] huanqiujipiao_cn
[*] huizhimx
[*] hunter2010
[*] huntuanwcomw
[*] hxgyw
[*] hy48
[*] hy5666
[*] hyglg
[*] hyits
[*] hz7
[*] hzbs
[*] hzdfbl
[*] hzdongcheng
[*] hzef
[*] hzq
[*] hzyaoyangcomcom
[*] hzzdyy123
[*] ibdailyxm
[*] ideabest
[*] ido_teamhold
[*] igo188
[*] ihuankeecom
[*] inbcn
[*] innettest3
[*] jackyan
[*] jcigra2010
[*] jcrlzy
[*] jczschina
[*] jd0825
[*] jenny2006nian
[*] jhcgroup2011
[*] jhljcom
[*] jiahongtex
[*] jialongequip
[*] jianbi999
[*] jianzhuxi_cn
[*] jiazheng123
[*] jidanci
[*] jie
[*] jinsunmo
[*] jiudianyuding
[*] jiujuxm
[*] jixingjobcom
[*] jjmnm01
[*] jjtz
[*] jlcynet
[*] jmcdjx
[*] jmhongye
[*] jmxjybdz
[*] jnepoxycn
[*] joa
[*] job2scea
[*] joe
[*] joiebaby
[*] jpbxw
[*] jsagriexpocnuser
[*] jsagriexpoenuser
[*] jscotton
[*] jsfgx
[*] jsjxjt
[*] jslj
[*] jsnjsylh
[*] jsntyjc
[*] jswto
[*] juli
[*] junyuanshoes
[*] jxctea
[*] jxst547056
[*] jxwanmei
[*] jy5181717
[*] jy84700066
[*] jzkxywz
[*] jznyjkjt
[*] kailinlipin
[*] kangli999
[*] kangyesh
[*] kashem
[*] kffund
[*] kingm
[*] kl2011
[*] klzzfw
[*] km4110dl
[*] km616
[*] kmhxsmw1
[*] kmliwei2010
[*] kmshangliang
[*] ksea
[*] ksgld2011
[*] kunlunjs
[*] kuofa
[*] kutie
[*] ky1012
[*] l267test
[*] laibendi
[*] lakjj
[*] lanhailiyi
[*] lantianyu
[*] laoniangjiu1026
[*] lc317815
[*] lcsjnet
[*] lczz
[*] ld553
[*] ldyjc10_db
[*] ldyjcomcn
[*] legao
[*] leo1839
[*] lexuantcom
[*] lhcdc
[*] lian35
[*] lian58
[*] lida
[*] lierftp
[*] likeling
[*] liphide_ftp
[*] lipinshanghai
[*] liu0577
[*] liucf
[*] liughost
[*] liukai19870718
[*] liuxue121
[*] llbio
[*] lmkjfg
[*] lnbon
[*] longtopen
[*] longtoponlineweb01
[*] longtopweb01_en
[*] longtopweb02
[*] lovekh
[*] lpchina
[*] lps
[*] ltfiter
[*] ltowebsitecase
[*] ltzxjx
[*] luyanbrandcom
[*] lvyou121
[*] lxjys
[*] ly2009
[*] lycos102115
[*] lydapeng
[*] lyggzz
[*] lzxydc
[*] lzxyjt
[*] lzzsl3
[*] mag365
[*] manbobrand
[*] maojianyu
[*] master
[*] mattzhang
[*] maxwellsz
[*] mballoon1
[*] mengjun888
[*] mig15bs
[*] milanoobridal
[*] mingfam_db
[*] minglansq34
[*] minhr8
[*] mnshftp
[*] mo3350
[*] model
[*] mokechina
[*] monplatin
[*] msdb
[*] mtdl2
[*] myfan
[*] myhomechina
[*] myjjyjs
[*] mymousehao
[*] mynnservice
[*] myoungad2011
[*] mysoftcom
[*] n020com
[*] nanxiang
[*] nbjt
[*] nbmfjx0408
[*] nbquickway0408
[*] nc2_cn
[*] networkwu
[*] nevernever
[*] newcitymall
[*] newcnheyingdata
[*] newcrm
[*] newhkdvr
[*] newjscqts
[*] newskyshipping
[*] nhcdzx
[*] nhjsjmep
[*] nikanchina
[*] ningbohuazhe
[*] ningbojr0421
[*] ningfsl
[*] ninguo
[*] njfeiming
[*] njjiajiaowang
[*] njnzxd
[*] njsem5
[*] njugl
[*] njzd71
[*] nnu123
[*] novel2
[*] ntkingdee
[*] ntsz1077_com
[*] ntufida
[*] ntxy001
[*] nuoruida
[*] nxislam1
[*] oa898
[*] oamy360
[*] oaoclub
[*] oetec
[*] officesk
[*] omeniacomcn985
[*] oo007
[*] optapolymer
[*] orchidchina
[*] ounafei
[*] ouyagy
[*] oychsc
[*] padorac_db
[*] padorac_hf
[*] panasign123
[*] par888
[*] paralo
[*] parkmapcn
[*] payftp
[*] pcsssy
[*] pdhxbry
[*] pengchao
[*] pinganlong
[*] pinjiezp
[*] pmsm
[*] ptbaobao
[*] ptesf
[*] q1w2e3r4t5
[*] qblc
[*] qdaidi
[*] qdghycom
[*] qdjlfk
[*] qdjlnk
[*] qhg201010
[*] qhg2011
[*] qhit
[*] qianli
[*] qianxinggujiaohd
[*] qitao
[*] qza1078
[*] qzzyy001
[*] racl
[*] red
[*] regan
[*] regboxoffice
[*] ren688
[*] renjurenvotoo
[*] reshui
[*] rihong83
[*] risingsemi01
[*] rlightech
[*] rnbst
[*] rojust565
[*] roussan
[*] rpgwebgame
[*] rs2011
[*] rx265com
[*] ryanyin01
[*] rzdltcom
[*] samsungdown
[*] sanjy
[*] scghwd
[*] scxs
[*] sdyssdys
[*] sean
[*] seasonfly
[*] seasoul
[*] seenews
[*] seline
[*] sendinfo
[*] senlong
[*] servev
[*] sfswgowns
[*] sgzbf
[*] sh17tj8
[*] shachem
[*] shandongqihui
[*] shanghaileguo
[*] shangju
[*] shangyi
[*] shanshan
[*] shanxicoal2
[*] shasm
[*] shcanlian2011
[*] shcckj
[*] shdqweb
[*] shenghuo100
[*] shfxtf
[*] shgjsw
[*] shgljs563com
[*] shgqc
[*] shhx
[*] show6243
[*] shsnsy8a
[*] shuangfeng55
[*] shuxin17cn
[*] shuzizhongyi
[*] sibc
[*] sifangyou
[*] simoncomputer
[*] sinohunters2010
[*] sinoycrm
[*] sinoyota
[*] sipxr
[*] sj37com_db
[*] sjwhao
[*] sl2011
[*] sms_ha41
[*] smsboxian
[*] sncsaj3
[*] socmcu
[*] sort123com
[*] soscience
[*] southinfo
[*] souyousoft
[*] speedsport01
[*] sql6mti
[*] sqslyjt
[*] sr285497659
[*] srt
[*] srwel
[*] sseg
[*] sszs120
[*] stargarments
[*] stlovebaby
[*] stoneyy09
[*] stream
[*] sueszy
[*] sunfmax
[*] suzhouyouqi
[*] suzhouzt
[*] swyoa
[*] sxaefi
[*] syhaier988
[*] syshdz
[*] sz410595
[*] szakddn
[*] szdiban
[*] szhanhuang
[*] szmcbg
[*] szokpack
[*] szshanglin
[*] szshengtang
[*] szshwl
[*] szsmtyw888
[*] szsplendid
[*] szssdly
[*] szwxg
[*] t30_cn
[*] taibo
[*] tanghongxin
[*] tao567
[*] tasun_biz
[*] tcyffs
[*] tebenyi03
[*] tempdb
[*] tengyun365
[*] test1001
[*] testaaa
[*] tfc8523456
[*] tgtools
[*] thls
[*] tianwan
[*] tianyidasz
[*] tielang
[*] tihimcn_db
[*] time9999
[*] time_9999
[*] tinyi
[*] tjoie
[*] tome1
[*] tongchengwang
[*] topway100
[*] tqnd730818
[*] tr0928
[*] transchair1
[*] trip580_db
[*] tt53mc
[*] ttmac
[*] tuangou56com
[*] tubu
[*] tuoyang
[*] turnonme
[*] tuz
[*] tx20110824
[*] tydphoto
[*] tzjgrz
[*] tzxz
[*] u2opowercom
[*] uchatme
[*] uhbygb121
[*] up01
[*] uuu3u
[*] uuxa
[*] uuxm
[*] uveitis20113
[*] uwinka_cn
[*] v8x8j123
[*] vastwisdom
[*] vdly
[*] viewcms
[*] villking
[*] vipping
[*] vipvisioncn
[*] w266sqltest
[*] waimaijia1
[*] wanbaowuye
[*] wangmu
[*] wangqising
[*] wanshujuan888
[*] wantown
[*] wawakaka
[*] web0303922
[*] web0715
[*] web107564
[*] web16495
[*] web24149
[*] web29087
[*] web34269
[*] web366535
[*] web5830
[*] webdapeng
[*] webhost06
[*] webmastergyazxcom
[*] websee
[*] webtest
[*] weidong
[*] weihaiduoli
[*] weiliculture
[*] weipu
[*] weistime
[*] weiyintea
[*] wgbp
[*] whlhgm123
[*] whvizon
[*] whydtmoquan
[*] wisdomcn
[*] wjjdw365
[*] wjxingxin
[*] wmtlqc
[*] wmx
[*] work029
[*] woyiqi
[*] wq20110324
[*] wq315
[*] wsstnz
[*] wtoftp
[*] wufuxin
[*] wuxitky
[*] www.alumnipower.net
[*] www00189
[*] www35ktvcom
[*] www6mti
[*] wwwchenzhoucomcn
[*] wwwhxfc
[*] wxandasafety
[*] wxpd
[*] wxqwxq4321
[*] wxsy
[*] wxxsh10
[*] wykj
[*] wystg
[*] wz315
[*] wzd
[*] wztteac_db
[*] wztz
[*] wzyd
[*] wzzbw
[*] xafrd
[*] xagzs
[*] xajcpx
[*] xd201108
[*] xdict
[*] xgdw
[*] xhdn1
[*] xhqjjw
[*] xiaosi
[*] xiaoyang
[*] xiefeng
[*] xielixiong
[*] xiexie
[*] xigong
[*] xinghuakj
[*] xinhuaeleccom
[*] xinlaonian2009
[*] xinxiwangnet
[*] xiyatu535
[*] xljsh
[*] xlwzhb
[*] xmaohan_db2
[*] xmaoma
[*] xmblj
[*] xmbzys
[*] xmchlu
[*] xmcqm
[*] xmcyhx
[*] xmgzc111
[*] xmlhzy592
[*] xmmcorg
[*] xmmehe
[*] xmrubbercom
[*] xmtswy
[*] xmupeixun_com
[*] xmwuben
[*] xmwyggc_db
[*] xmzknf
[*] xsd88
[*] xu0523ren
[*] xueyu
[*] xuriyou
[*] xxjgsmyx
[*] xywebsite
[*] xzhykj
[*] xzjijia
[*] xzwvg
[*] xzxzjx
[*] ya58
[*] yamanadcom
[*] yancpop
[*] yanfengauto66
[*] yang021chang
[*] yangtianlake
[*] yaoyuxf
[*] ycysyj
[*] yd1009
[*] yd2011
[*] ydwl1120
[*] yeguanhui11
[*] yesast
[*] yf1225
[*] yfgfcrm
[*] yh110
[*] yhtmjz
[*] yihuitz
[*] yintaxiacom
[*] yiqiang
[*] yirong
[*] yjhhsm
[*] yjlouti
[*] ylshop
[*] ym1225
[*] yncybg
[*] yongtian
[*] yorkway
[*] youbin8
[*] youdao
[*] youhonglightcom
[*] ys94taobao
[*] ysjkwhw
[*] ysjmq
[*] ystgou
[*] ytn20100318
[*] ytshop
[*] yuandajigou
[*] yuanlicarboncom
[*] yuebingcity
[*] yuexiangu
[*] yueyiphoto
[*] yuhant
[*] yujiesafety
[*] yuliang
[*] yunkaigarment
[*] yunnanhong
[*] yvtest0919
[*] yxjgm
[*] yxlwhr123
[*] yyl2011
[*] yzglxc
[*] zbxx365
[*] zc2011
[*] zcyxch
[*] zdinfo
[*] zexinet
[*] zgddj_com
[*] zgsyjw
[*] zhaori
[*] zhifuyuancom
[*] zhihedianzi
[*] zhisu006
[*] zhixindz
[*] zhonglv
[*] zhouspet
[*] zhouxp
[*] zhucheng11
[*] zhuzhu
[*] zhzyyfs
[*] ziqing2
[*] zixibeng
[*] zjabc
[*] zjhcpm
[*] zjhczz6677
[*] zmscreen
[*] znsgxx
[*] znsjedu
[*] zntdpx
[*] zongjianw
[*] zs0928
[*] zsitphotogallery
[*] zuanchuang
[*] zxfan
[*] zyshici
[*] zystron
[*] zzdu
[*] zzpda2010
[*] zzrcwcom
[*] zztest12
[*] zztest34

漏洞证明:

QQ截图20140202173954.png


1>为何权限设置的如此松懈?
2>为何会多这么多站点用同一数据库?
3>这些数据在网上流传多久了?
4>有多少网站存在同样的风险?
5>在大数据时代的今天我们为了自己的隐私可以做点什么?

修复方案:

咨询@z7y大黑阔

版权声明:转载请注明来源 徽弘@乌云

漏洞回应

厂商回应:

危害等级:高

漏洞Rank:18

确认时间:2014-06-08 22:18

厂商回复:

CNVD确认并复现所述情况,由CNVD通过公开联系渠道向网站管理单位通报。涉及信息泄露风险,rank 118

最新状态:

暂无