Vulnerability summary

Defect ID: wooyun-2015-0121998

Title: Multiple SQL injection vulnerabilities on the official website of the Gansu Provincial Public Security Department Exit-Entry Administration

Affected vendor: Gansu Provincial Public Security Department Exit-Entry Administration

Author: 朱元璋

Submitted: 2015-06-24 19:40

Fix time: 2015-08-09 11:34

Public disclosure time: 2015-08-09 11:34

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 19

Status: handed over to a third-party partner organization (First Research Institute of the Ministry of Public Security) for handling

Source: http://www.wooyun.org; for questions or help contact [email protected]


Vulnerability details

Disclosure status:

2015-06-24: Details sent to the vendor, awaiting vendor handling
2015-06-25: Vendor has confirmed; details disclosed to the vendor only
2015-07-05: Details disclosed to core white hats and relevant domain experts
2015-07-15: Details disclosed to regular white hats
2015-07-25: Details disclosed to intern white hats
2015-08-09: Details disclosed to the public

Brief description:

I just want to say: a provincial public security department, and the security is this bad! Heh.

Detailed description:

Addresses
http://121.42.24.155:8888/zww/crj/content.jsp?artid=103 is injectable, parameter artid
http://121.42.24.155:8888/zww/crj/list.jsp?classid=001001 is injectable, parameter classid
http://121.42.24.155:8888/zww/crj/search.jsp?keys=1234 is injectable, parameter keys

(screenshot: 0.png)



Proof of vulnerability:

(screenshot: 1.png)

Fix recommendation:

Raise security awareness
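The report's remediation advice is generic, so here is what the fix looks like at the code level for the three injectable JSP parameters (artid, classid, keys). This is an added example, not code from the report or from the affected site; it assumes the pages query Oracle through JDBC, and the table and column names (ARTICLE, ARTID, TITLE) are invented for illustration.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

// Added example, not code from the report or from the affected site.
// Table/column names (ARTICLE, ARTID, TITLE) are assumptions.
public class ArticleQueries {

    // The pattern behind content.jsp?artid=...: the request parameter is
    // spliced into the SQL text, so the query structure is attacker-controlled.
    static String vulnerableContentSql(String artid) {
        return "SELECT TITLE FROM ARTICLE WHERE ARTID = " + artid;
    }

    // artid and classid are fixed-format values: allow-list them before they
    // get anywhere near the database (artid numeric, classid a 6-digit code).
    static String requireMatch(String raw, String regex, String name) {
        if (raw == null || !raw.matches(regex)) {
            throw new IllegalArgumentException(name + " has an invalid format");
        }
        return raw;
    }

    // Hardened version: validate, then bind with a PreparedStatement so the
    // driver sends the value as data and the SQL text stays constant.
    static String loadTitle(Connection conn, String rawArtId) throws SQLException {
        int artid = Integer.parseInt(requireMatch(rawArtId, "\\d{1,9}", "artid"));
        String sql = "SELECT TITLE FROM ARTICLE WHERE ARTID = ?";
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setInt(1, artid);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next() ? rs.getString("TITLE") : null;
            }
        }
    }

    // search.jsp?keys=...: free text cannot be rejected by type, so binding is
    // the control; escaping LIKE wildcards also stops input widening the match.
    static PreparedStatement searchStatement(Connection conn, String keys) throws SQLException {
        if (keys == null) keys = "";
        String esc = keys.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_");
        PreparedStatement ps = conn.prepareStatement(
            "SELECT ARTID, TITLE FROM ARTICLE WHERE TITLE LIKE ? ESCAPE '\\'");
        ps.setString(1, "%" + esc + "%");
        return ps;
    }
}
```

For classid the same requireMatch call applies with the pattern "\\d{6}", matching the 001001 form seen in the reported URL.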

Copyright notice: please credit the source when reposting: 朱元璋@乌云


Vulnerability response

Vendor response:

Severity: High

Vulnerability Rank: 15

Confirmation time: 2015-06-25 11:33

Vendor reply:

Thank you very much!
The vulnerability you submitted has been verified and will be fixed as soon as possible.

Latest status:

None yet