漏洞概要 关注数(24) 关注此漏洞
缺陷编号:wooyun-2015-0101398
漏洞标题:新疆维吾尔自治区高等教育自学考试委员会办公室sql注入漏洞+弱口令+文明密码
相关厂商:cncert国家互联网应急中心
漏洞作者: 路人甲
提交时间:2015-03-17 10:37
修复时间:2015-05-04 17:10
公开时间:2015-05-04 17:10
漏洞类型:SQL注射漏洞
危害等级:高
自评Rank:20
漏洞状态:已交由第三方合作机构(cncert国家互联网应急中心)处理
漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]
Tags标签: 无
漏洞详情
披露状态:
2015-03-17: 细节已通知厂商并且等待厂商处理中
2015-03-20: 厂商已经确认,细节仅向厂商公开
2015-03-30: 细节向核心白帽子及相关领域专家公开
2015-04-09: 细节向普通白帽子公开
2015-04-19: 细节向实习白帽子公开
2015-05-04: 细节向公众公开
简要描述:
好久没发洞了 来一发
详细说明:
![W~])5]64NOQCGJ@]~31I{VN.jpg](http://wimg.zone.ci/upload/201503/14213904703ddaa83da129579504f356ed12ecd7.jpg)
http://222.82.232.181:88/more.php?ks=1&lm=2 注入点……
mysql root权限 想拿下这台服务器那不是分分钟的事???
![)(9C}27))QX3@TF_]IF6VTO.png](http://wimg.zone.ci/upload/201503/14213337a0680a406ce51e245105976d15f34ae8.png)
后台账号密码+弱口令+文明密码
![LO5(1[LWCV9]~OK(6PCKB4B.png](http://wimg.zone.ci/upload/201503/142134231325a3cbc11df80de29849790aeeeea2.png)
![UP$2CD94G(X8K5]LU5EH_(8.png](http://wimg.zone.ci/upload/201503/142135588ec84600fab33882fd64081961544fa3.png)
我是真心跪了 密码权是123456 哎……
话说 你打开那么多端口是干啥的 反正我是没弄明白 没弄明白
21 文件传输协议(控制)
23 telnet 终端仿真协议
22 SSH远程登录协议
88 Kerberros安全认证系统
1800 1800 号端口
1802 1802 号端口
1803 1803 号端口
1804 enl
1806 1806 号端口
1807 SpySender
1808 1808 号端口
1809 1809 号端口
1810 1810 号端口
1811 1811 号端口
1813 RADIUS Accounting
1814 TDP
1815 mmpft
1818 etftp
1816 harp
1820 mcagent
1817 1817 号端口
1823 Unisys
1819 Plato License Manager
1822 es-elmd
1824 metrics-pas
1998 x25-svc-port
2223 2223 号端口
2222 unreg-ab2
3300 3300 号端口
默默的跪了
漏洞证明:
Data Base Found: information_schema
Data Base Found: mysql
Data Base Found: test
Data Base Found: zkbm
Table found: 2014jyxl
Table found: D_ab_bj
Table found: D_ab_yyjb
Table found: D_ab_xx
Table found: D_ab_xq
Table found: D_ncre_dq
Table found: D_ab_xy
Table found: D_ab_xl
Table found: D_bj
Table found: D_ab_zy
Table found: D_ncre_blcj
Table found: D_ncre_fy
Table found: D_ncre_dqjb
Table found: D_ncre_jt
Table found: D_pet_fy
Table found: D_pet_dq
Table found: D_ncre_pxzl
Table found: D_ncre_jbyy
Table found: D_ncre_whcd
Table found: D_ncre_kdjb
Table found: D_ncre_xb
Table found: D_pet_hj
Table found: D_pet_jb
Table found: D_pet_kd
Table found: D_pet_xl
Table found: D_pet_kszl
Table found: D_pet_zc
Table found: D_pet_xs
Table found: D_xl
Table found: D_xy
Table found: D_xq
Table found: D_yyjb
Table found: D_xx
Table found: D_zjlx
Table found: ab_access
Table found: TempPhoto
Table found: ab_jf
Table found: TTTks_old
Table found: D_zy
Table found: ab_jt_jf
Table found: ab_node
Table found: ab_kc
Table found: ab_ks
Table found: ab_user
Table found: article
Table found: cet46_access
Table found: ab_role
Table found: cet46_jf
Table found: article_manager
Table found: cet46_cj
Table found: cet46_kc
Table found: cet46_jt_jf
Table found: cet46_ks
Table found: cet46_ksDouble
Table found: cet46_node
Table found: cet46_user
Table found: cet46_role
Table found: hj
Table found: cet46_xjyd
Table found: cet46_xj
Table found: dq
Table found: jf_log
Table found: exam_type
Table found: jyxl146
Table found: jyxl_kc
Table found: jyxl_jtdm
Table found: jyxl_jc
Table found: jyxl_kkkc
Table found: jyxl_kssj
Table found: ks_dongtai
Table found: jyxl_zy
Table found: jyxl_yz
Table found: jyxl_sx
Table found: kcxx_test
Table found: ks_fagui
Table found: ks_jiaoliu
Table found: ks_old-11
Table found: ks_old-807
Table found: ks_old
Table found: ks_old1
Table found: ks_old2
Table found: ks_old_test
Table found: ksjf_test
Table found: ks_wenti
Table found: mz
Table found: ncre_access
Table found: mm
Table found: ncre_bskc
Table found: ncre_bm
Table found: ncre_jf_dz_bank
Table found: ncre_node
Table found: ncre_role
Table found: ncre_kksz
Table found: ncre_kc
Table found: ncre_sjkc
Table found: ncre_sjkcwz
Table found: ncre_user
Table found: pet_kc
Table found: passwordquestion
Table found: pet_access
Table found: pet_ks
Table found: pet_node
Table found: pet_kksz
Table found: pet_role
Table found: pet_blcj
Table found: pet_user
Table found: student_exam
Table found: t_ks
Table found: t_bk
Table found: t_ab_ks
Table found: test
Table found: tmpkc
Table found: view_cet46_lsks_cj
Table found: v_dz_feishui_fc
Table found: view_cet46_bkks
Table found: view_zxks_cx_dm
Table found: xb
Table found: view_zxks_tj_bkkcs
Table found: view_zxks_tj_bmrs
Table found: zcxx
Table found: xl
Table found: zjlx
Table found: zk_access
Table found: zk_exter_settlement
Table found: zhiy
Table found: zk_group
Table found: zk_inter_settlement
Table found: zk_jf_dz
Table found: zk_jc
Table found: zk_jf_dz_bank_error
Table found: zk_jf_dz_bank
Table found: zk_jf_dz_feishui
Table found: zk_jtdm
Table found: zk_kd
Table found: zk_kc
Table found: zk_kcxx
Table found: zk_kkkc
Table found: zk_ksjf
Table found: zk_kssj
Table found: zk_node
Table found: zk_site
Table found: zk_role
Table found: zk_sx
Table found: zk_user
Table found: zk_yxdm
Table found: zk_zykc
Table found: zk_yz
Table found: zk_zy
Table found: zk_zyxx
Table found: zyxx_test
Table found: CHARACTER_SETS
Table found: COLLATIONS
Table found: COLUMNS
Table found: COLUMN_PRIVILEGES
Table found: KEY_COLUMN_USAGE
Table found: PROFILING
Table found: ROUTINES
Table found: SCHEMA_PRIVILEGES
Table found: COLLATION_CHARACTER_SET_APPLICABILITY
Table found: SCHEMATA
Table found: STATISTICS
Table found: TABLE_PRIVILEGES
Table found: TABLES
Table found: TABLE_CONSTRAINTS
Table found: TRIGGERS
Table found: USER_PRIVILEGES
Table found: VIEWS
Table found: columns_priv
Table found: db
Table found: func
Table found: help_category
Table found: proc
Table found: help_keyword
Table found: host
Table found: help_topic
Table found: help_relation
Table found: tables_priv
Table found: procs_priv
Table found: time_zone
Table found: time_zone_leap_second
Table found: time_zone_name
Table found: time_zone_transition
Table found: time_zone_transition_type
Table found: user
修复方案:
版权声明:转载请注明来源 路人甲@乌云
漏洞回应
厂商回应:
危害等级:高
漏洞Rank:13
确认时间:2015-03-20 17:08
厂商回复:
CNVD确认所述情况,已经转由CNCERT下发给分中心,由其后续协调网站管理单位处置。
最新状态:
暂无