乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-07-11: 细节已通知厂商并且等待厂商处理中 2015-07-13: cncert国家互联网应急中心暂未能联系到相关单位,细节仅向通报机构公开 2015-07-16: 细节向第三方安全合作伙伴开放 2015-09-06: 细节向核心白帽子及相关领域专家公开 2015-09-16: 细节向普通白帽子公开 2015-09-26: 细节向实习白帽子公开 2015-10-11: 细节向公众公开
我看到最近别人提了;我就把最后最后两处提上来;我发誓再也不研究这系统了。
无锡新座标教育科技有限公司开发的数字化校园系统广泛用于中小学网站建设,该系统存在POST类型SQL注入如下:SQL Injection:
/DPMA/Web/OAArea/AreaTeacherInfo.aspx 前两个框框都有注入注入参数:OATeacherInfo1$txtUserName、OATeacherInfo1%24txtTrueName/DPMA/Web/OAArea/AreaTeacherWinInfo.aspx 前两个框框都有注入注入参数:OATeacherWin1%24txtTrueName、&OATeacherWin1%24txtWinTitle
【注意:经测试如果访问提示无权限是因为你之前访问了该站点没有清除Cookie导致的;可以清除cookie或者换一个浏览器,另外建议使用Google或者FireFox下禁用Javascript隐身测试;效果更佳!】Case:
第一处: http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherInfo.aspx **.**.**.**:8000/DPMA/Web/OAArea/AreaTeacherInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherInfo.aspx **.**.**.**:9876//DPMA/Web/OAArea/AreaTeacherInfo.aspx http://**.**.**.**//DPMA/Web/OAArea/AreaTeacherInfo.aspx **.**.**.**//DPMA/Web/OAArea/AreaTeacherInfo.aspx http://**.**.**.**//DPMA/Web/OAArea/AreaTeacherInfo.aspx http://**.**.**.**:8030/DPMA/Web/OAArea/AreaTeacherInfo.aspx第二处: http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherWinInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherWinInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherWinInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherWinInfo.aspx **.**.**.**:9876//DPMA/Web/OAArea/AreaTeacherWinInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherWinInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherWinInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherWinInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherWinInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherWinInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherWinInfo.aspx **.**.**.**:8000/DPMA/Web/OAArea/AreaTeacherWinInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherWinInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherWinInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherWinInfo.aspx http://**.**.**.**/DPMA/Web/OAArea/AreaTeacherWinInfo.aspx **.**.**.**/DPMA/Web/OAArea/AreaTeacherWinInfo.aspx http://**.**.**.**//DPMA/Web/OAArea/AreaTeacherWinInfo.aspx **.**.**.**//DPMA/Web/OAArea/AreaTeacherWinInfo.aspx http://**.**.**.**//DPMA/Web/OAArea/AreaTeacherWinInfo.aspx http://**.**.**.**:8030/DPMA/Web/OAArea/AreaTeacherWinInfo.aspx
第一处:手工 SQLMAP自动化: 第二处:手工 SQLMAP自动化:
SQLMAP自动化:
第二处:手工
危害等级:高
漏洞Rank:13
确认时间:2015-07-13 14:49
暂无