乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2014-10-27: 细节已通知厂商并且等待厂商处理中 2014-10-31: 厂商已经确认,细节仅向厂商公开 2014-11-10: 细节向核心白帽子及相关领域专家公开 2014-11-20: 细节向普通白帽子公开 2014-11-30: 细节向实习白帽子公开 2014-12-11: 细节向公众公开
4个大学OA SQL注入打包,能否不走小厂商,上个首页!
1.同济大学协同办公系统地址:http://oa.tongji.edu.cn/login/Login.jsp?logintype=1POST请求
POST /login/VerifyLogin.jsp HTTP/1.1Accept: text/html, application/xhtml+xml, */*Referer: http://oa.tongji.edu.cn/wui/theme/ecology7/page/login.jsp?templateId=21&logintype=1&gopage=&languageid=7&message=17Accept-Language: zh-CNUser-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)Content-Type: application/x-www-form-urlencodedAccept-Encoding: gzip, deflateProxy-Connection: Keep-AliveContent-Length: 247DNT: 1Host: oa.tongji.edu.cnPragma: no-cacheCookie: JSESSIONID=abcwZomBNBpky5jhbJPKu; testBanCookie=testloginfile=%2Fwui%2Ftheme%2Fecology7%2Fpage%2Flogin.jsp%3FtemplateId%3D21%26logintype%3D1%26gopage%3D&logintype=1&fontName=%CE%A2%C8%ED%D1%C5%BA%DA&message=17&gopage=&formmethod=post&rnd=&serial=&username=&isie=true&loginid=a&userpassword=a&submit=
证明:
2. 天津外国语大学oa地址:http://oa.tjfsu.edu.cn/login.asppost请求
POST /loginverify.asp HTTP/1.1Accept: text/html, application/xhtml+xml, */*Referer: http://oa.tjfsu.edu.cn/login.aspAccept-Language: zh-CNUser-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)Content-Type: application/x-www-form-urlencodedAccept-Encoding: gzip, deflateProxy-Connection: Keep-AliveContent-Length: 38DNT: 1Host: oa.tjfsu.edu.cnPragma: no-cacheCookie: ASPSESSIONIDAQCDCARR=HECPCHACBNFCNCJECFGKFNNG; CNZZDATA1000434362=881530955-1413746308-%7C1413746308Digest=&urlFrom=&username=a&password=a
证明
3. 西南林业大学OA地址:http://oa.swfu.edu.cn/thinkeroa/post请求:
POST /thinkeroa/ HTTP/1.1Accept: text/html, application/xhtml+xml, */*Referer: http://oa.swfu.edu.cn/thinkeroa/Accept-Language: zh-CNUser-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)Content-Type: application/x-www-form-urlencodedAccept-Encoding: gzip, deflateProxy-Connection: Keep-AliveContent-Length: 365DNT: 1Host: oa.swfu.edu.cnPragma: no-cacheCookie: ASP.NET_SessionId=ah4242h012gmy3ibjsy5dpbh__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwULLTE2OTYxMTMyNTRkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQhidG5Mb2dpbtOux9I9C%2BNIgNDwIOBO3b0aNvY68fNKNOU2x6KvV0W4&__VIEWSTATEGENERATOR=D101C769&__EVENTVALIDATION=%2FwEWBAKS4IK6BAKUj8fhDAKd%2B7qdDgKC3IeGDD%2BkJC4qTKBqogjay%2FvZ3g1wtz3ar2mMYmzvG%2B0EgLb4&txtAccount=a&txtPwd=a&btnLogin.x=23&btnLogin.y=12
4. 河北职业技术学院OA地址:http://oa.hbsi.edu.cn/post请求
POST /Login.MSPX HTTP/1.1Accept: text/html, application/xhtml+xml, */*Referer: http://oa.hbsi.edu.cn/Accept-Language: zh-CNUser-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)Content-Type: application/x-www-form-urlencodedAccept-Encoding: gzip, deflateProxy-Connection: Keep-AliveContent-Length: 23DNT: 1Host: oa.hbsi.edu.cnPragma: no-cacheCookie: ASPSESSIONIDAQCSRSTC=PCHFBBIBJMMFNABIPEIMKKOBtxtUserLogin=a&txtPWD=a
能否别走小厂商!
危害等级:中
漏洞Rank:8
确认时间:2014-10-31 11:24
正在通知相关学校处理
暂无